The chattr commands allows us to change the file attributes in some interesting ways. It comes with the e2fsprogs package and its syntax is straight-forward:
# chattr -Rf +-=acdeijstuACDST <filename>
The “-R” flag performs the change recursively whereas the “-f” flag suppresses the most common error messages.
The + operator enables the attribute. The – operator disables it. Whereas the = operator sets the explicitly stated attributes and disables all the rest if they were enabled before.
The most useful attributes are listed below but we should keep in mind that some might be buggy and some might be unavailable in certain Linux kernels and file system types.
Char Attribute
A disables updating the “atime”
a file can only be open in append mode
C disables copy-on-write for the file
c transparency compresses the file
D applies to directories only and force sync writes
d applies to files only and causes dump utility to ignore the file when run
i causes the file to be immutable: no writes, deletes, renames or links
S same as D option for files
s secure delete means that upon deletion, all former file blocks are zeroed
The lsattr is used to list the file & directory attributes:
root:/tmp/tmp1> lsattr
—-———e– ./trip
—-———e– ./test.1
—-———e– ./security_watchdog.pdf
—-———e– ./test123
—-———e– ./2resolv.txt
—-———e– ./tmp.O7sV4FI8Ms
—-———e– ./tree
—-———e– ./ssh.pdf
—-———e– ./strace.log
.
root:/tmp/tmp1> chattr +AaCcDdiSs trip
root:/tmp/tmp1> lsattr trip
s-S-iadAc—-e– trip
The attributes that are enabled are visible and the rest are disabled (i.e. marked with “-“).