This article illustrates the use of the “i” and “a” file attributes on a Linux operating system. Both attributes come in handy when the system administrator wants to apply additional access restrictions to specific files.
Attribute “i”
Sometimes it is useful to make a file immutable: nobody (not even the root user) will be able to edit, rename, move or delete it. On a Linux file system this is done with file attributes (also called flags), specifically the “i” (immutable) attribute.
On a Linux system, there are two commands for working with file attributes. These are:
- chattr – the command used to set attributes on files. Some attributes, including the immutable attribute, can only be set by the superuser.
- lsattr – the command used to display the attributes currently set for a file.
I will illustrate the use of file attributes by the simple example below:
We create an empty file:
    # touch example.txt
Let’s list the current attributes of this file:
    # lsattr example.txt
    -----------------e- example.txt
As you can see, the only flag set for this newly created file is the “e” flag, which is on by default for all Linux files on an ext4 file system.
Now, let’s set the “i” flag for this file. Remember that by default, only a superuser can do this:
    # chattr +i example.txt
Let’s list the attributes now:
    # lsattr example.txt
    ----i------------e- example.txt
As you can see, the “i” flag is visible now.
To test the functionality, I will try to modify the file in several ways:
    # mv example.txt renamed.txt
    mv: cannot move `example.txt' to `renamed.txt': Operation not permitted
    # rm -f example.txt
    rm: cannot remove `example.txt': Operation not permitted
    # echo "Some string" > example.txt
    bash: example.txt: Permission denied
As can be seen from the above examples, we cannot move, delete or add content to this file.
To remove the immutable attribute from a file you need to use the chattr command again. For example:
    # chattr -i example.txt
    # lsattr example.txt
    -----------------e- example.txt
Attribute “a”
Another useful file attribute is the “a” attribute. The “a” stands for “append” and this flag indicates that a file can only be opened for append operations, i.e. additional content can only be added to the file but none of the existing content can be modified.
The functionality can be easily illustrated with the example below:
First, set the “a” attribute:
    # chattr +a example.txt
    # lsattr example.txt
    -----a-----------e- example.txt
Next, attempt to modify the file:
    # rm -f example.txt
    rm: cannot remove `example.txt': Operation not permitted
    # mv example.txt renamed.txt
    mv: cannot move `example.txt' to `renamed.txt': Operation not permitted
    # echo "replacing content" > example.txt
    bash: example.txt: Operation not permitted
    # echo "appending new content" >> example.txt
Only the last operation that we attempted on this file was successful because it just appended the “appending new content” string to the end of the file without modifying its existing content.
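To audit which files carry these attributes, or to spot a file that has lost one, the lsattr output can be parsed in a script. The following is an added example, not part of the original article; the function names are hypothetical and the sample paths are constructed so it runs without root.

```shell
#!/bin/sh
# Added example: audit lsattr output for the "i" and "a" attributes.

# sample_lsattr: constructed lsattr -R style output (paths are made up).
sample_lsattr() {
    cat <<'EOF'
----i------------e- /etc/resolv.conf
-----a-----------e- /var/log/app/audit.log
-----------------e- /var/log/app/debug.log

/var/log/app/old:
-----a-----------e- /var/log/app/old/audit 1.log
EOF
}

# entries: keep only "<flags> <path>" lines; drop blank lines and the
# "directory:" headers that lsattr -R prints.
entries() {
    while IFS= read -r line; do
        case $line in *" "*) ;; *) continue ;; esac
        flags=${line%% *}
        case $flags in *[!A-Za-z-]*) continue ;; esac
        printf '%s\n' "$line"
    done
}

# flag_report: list files that are immutable or append-only.
# Matching is case-sensitive: "A" (no atime) and "I" (indexed dir) differ.
flag_report() {
    entries | while IFS=' ' read -r flags path; do
        case $flags in *i*) printf 'immutable\t%s\n' "$path" ;; esac
        case $flags in *a*) printf 'append-only\t%s\n' "$path" ;; esac
    done
}

# missing_flag FLAG: list files that do NOT carry FLAG, e.g. a log file
# that was expected to be append-only but has lost the attribute.
missing_flag() {
    entries | while IFS=' ' read -r flags path; do
        case $flags in *"$1"*) ;; *) printf '%s\n' "$path" ;; esac
    done
}

sample_lsattr | flag_report
echo "--- missing append-only:"
sample_lsattr | missing_flag a
```

On a live system, replace the sample with real output, for example `lsattr -R /var/log 2>/dev/null | missing_flag a`.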
The “e” attribute means “extents” and no, it is not set on ext2 or ext3 files and will even be removed by fsck if it is found.
You are correct, I have updated the article to state that extents are available by default on the ext4 file system but not on ext2 and ext3. Thank you for your remark.