What Are File Attributes?
File attributes are certain properties that are associated with the file. The attributes allow a file to have some characteristics that are valid for all users.
You may be familiar with the file permissions on Linux. As Linux is a multi-user operating system, it is possible to assign different file or folder permissions for different users.
File attributes are quite similar to permissions on Linux. However, while basic permissions are only limited to read, write, and execute, the attribute allows the files or folders to have some extended sets of rules that apply on them.
chmod command. If you are not familiar with the Linux permissions, we recommend you to take a look at our comprehensive guide on the matter. Knowledge of file or folder permissions are not required to follow this tutorial.An important thing to remember about the attributes is that the attributes generally apply to all the users in the system (even root).
For example, if a file were to be assigned the read-only attribute, that file would not allow any user (including root) to modify it. Obviously, the root user could modify the file, but only after removing the read-only attribute.
In this tutorial, we’ll be showing you what attributes are there, and how to change them with the chattr command. The command chattr stands for change attribute.
The command syntax and usage are pretty simple to learn. The important thing to remember are the different attributes and what they do.
Different Attributes On Linux And Their Function
We’ll go over different attributes that Linux supports in this section before we start learning how to use the chattr command to change and assign different attributes to files and folders.
If you want to skip past all these attributes and just look at the command, you are free to do so. You can always take a look at this page when you’re changing the attributes.
There’s also another way to get all the attributes and what they do. Just type in man chattr and it will bring up the manual page for the chattr command.
The letters aAcCdDeijsStTu are used to indicate different attributes for the files. Below is the list of what these attributes are:
a - append only A - no atime updates c - compressed C - no copy on write d - no dump D - synchronous directory updates e - extent format i - immutable j - data journalling s - secure deletion S - synchronous updates t - no tail-merging T - top of directory hierarchy u - undeletable
Here are the explanations for some of these attributes:
a – When the a attribute is set, a file can only be opened in append mode for writing. Only root can set or remove this attribute.
A – A file with the A attribute set will have its atime record unmodified.
c – When the c attribute is set, a file is automatically compressed on the disk. When reading from this file, it is uncompressed. While writing to this file, the data is compressed before storing on the disk.
C – A file with the C attribute set would not be subjected to copy-on-write updates.
d – When the d attribute set, a file is not included for backing up when the dump program is run.
D – When a directory has the D attribute set and it is modified, the changes will be written synchronously on the disk. This is equivalent to the dirsync mount option applied to a subset of the files.
e – The e attribute indicates that the file is using extents for mapping the blocks on disk. It may not be removable by chattr.
i – When a file is set with the i attribute, it cannot be modified. The file cannot be deleted or renamed, no link can be created to this file and no data can be written to the file. Only the root can set or remove this attribute.
s – When a file with the s attribute set is deleted, its blocks are zeroed and written back to the disk.
S – A file with the S attribute set, when modified, the changes are written synchronously on the disk. This is equivalent to the sync mount option applied to a subset of the files.
u – When a file with the u attribute set is deleted, its contents are saved. This allows the user to ask for its undeletion.
Basic Usage Of The Chattr Command
Now that you know some of the attributes and what they mean, let’s get familiar with the basic syntax and usage of the chattr command. The chattr command has the following basic syntax when you enter chattr -h in the terminal:
chattr -h
Usage: chattr [-RVf] [-+=aAcCdDeijsStTu] [-v version] files...
Following the chattr command, the first field is for the options (-RVf). You should already recognize what the second field enclosed by the third braces (-+=aAcCdDeijsStTu) signifies. Yes, they are the attributes you want to set or remove. As for the - + = symbols at the beginning, they are called the operators.
Remember to use sudo whenever needed.
The Operators
There are three operators that decide whether to add, remove, or set attributes to files or folders. These are:
+operator: Sets new attributes to a file.-operator: Removes already existing attributes from a file.=operator: Sets a specific set of attributes to a file.
Viewing The Attributes Of A File Or A Folder
We can use the lsattr command to view the existing attributes of a file or a folder. Let’s see this in action:
lsattr payload.apk
--------------e------- payload.apk
The output of the command shows the attributes that are set to the file payload.apk. Only the e attribute is set to this file. Let’s try to see the attributes assigned to the files inside of a folder:
lsattr BUET/Hosts
--------------e------- BUET/Hosts/239.txt --------------e------- BUET/Hosts/237.txt --------------e------- BUET/Hosts/245.txt --------------e------- BUET/Hosts/243.txt --------------e------- BUET/Hosts/221.txt
In this example, the Hosts directory contains some text files, and all of them have the e attribute set to them.
Setting New Attributes To Files
To set new attributes to a file, we’ll use the + operator with the chattr command specifying the attributes. Let’s set some new attributes to the payload.apk file we saw in the previous section:
chattr +adu payload.apk
This command should add the a, d, and u attributes to the payload.apk file. Let’s check if the command worked:
lsattr payload.apk
-u---ad-------e------- payload.apk
As you can see from the output, the file payload.apk has these additional attributes now assigned to it.
You can use the -V flag to get a verbose output from the chattr command:
chattr -V +adu payload.apk
chattr 1.46.2 (28-Feb-2021) Flags of payload.apk set as -u---ad-------e-------
Now, the output shows a detailed description of what happened with the command.
Setting New Attributes To Folders/Directories
To set new attributes to files inside of a directory, we will use the -R flag to recursively change the attribute of each file. Let’s change the attribute of the Hosts directory we showed you previously:
chattr -RV +adu BUET/Hosts/
chattr 1.46.2 (28-Feb-2021) Flags of BUET/Hosts/ set as -u---ad-------e------- Flags of BUET/Hosts//239.txt set as -u---ad-------e------- Flags of BUET/Hosts//237.txt set as -u---ad-------e------- Flags of BUET/Hosts//245.txt set as -u---ad-------e------- Flags of BUET/Hosts//243.txt set as -u---ad-------e------- Flags of BUET/Hosts//221.txt set as -u---ad-------e-------
From the verbose output, we can already see that our command succeeded. Let’s check with the lsattr command once more:
lsattr BUET/Hosts
-u---ad-------e------- BUET/Hosts/239.txt -u---ad-------e------- BUET/Hosts/237.txt -u---ad-------e------- BUET/Hosts/245.txt -u---ad-------e------- BUET/Hosts/243.txt -u---ad-------e------- BUET/Hosts/221.txt
The result is as expected. Now, let’s remove all these attributes that we added.
Setting A Specific Set Of Attributes To Files Or Directories
In this section, we’ll teach you how to set a specific set of attributes to a file or a folder.
We’ll be using the = operator to do this. Remember that, in this case the existing attributes will be overwritten by the attributes specified after the = operator. This will become clearer with examples. Let’s set a and d attributes to the payload.apk file:
chattr -V =ad payload.apk
chattr 1.46.2 (28-Feb-2021) Flags of payload.apk set as -----ad---------------
As you can see, the previous attributes of the file were replaced by the a and d attributes. For doing the same for the files inside of a directory, just use the -R flag:
chattr -RV =ad BUET/Hosts
chattr 1.46.2 (28-Feb-2021) Flags of BUET/Hosts set as -----ad--------------- Flags of BUET/Hosts/239.txt set as -----ad--------------- Flags of BUET/Hosts/237.txt set as -----ad--------------- Flags of BUET/Hosts/245.txt set as -----ad--------------- Flags of BUET/Hosts/243.txt set as -----ad--------------- Flags of BUET/Hosts/221.txt set as -----ad---------------
Removing Attributes From Files Or Directories
To remove the attributes from a file we will use the - operator. Let’s remove the a and d attributes from the payload.apk file:
chattr -V -ad payload.apk
chattr 1.46.2 (28-Feb-2021) Flags of payload.apk set as ----------------------
You can do the same thing for the directories with the -R flag as before. You can also mix the operators (+ and -) within a single command. Take a look at the following example:
chattr -RV -ad +e BUET/Hosts
chattr 1.46.2 (28-Feb-2021) Flags of BUET/Hosts set as --------------e------- Flags of BUET/Hosts/239.txt set as --------------e------- Flags of BUET/Hosts/237.txt set as --------------e------- Flags of BUET/Hosts/245.txt set as --------------e------- Flags of BUET/Hosts/243.txt set as --------------e------- Flags of BUET/Hosts/221.txt set as --------------e-------
Now we’re back where we started (with the e attributes only). Let’s take a look at some functions of specific attributes that we can assign to a file.
Create A File That Cannot Be Deleted Or Modified Even By The Root (immutable)
Remember the attribute i? This attribute stands for immutable, which means the file cannot be changed in any way. In other words, you cannot remove, edit, or modify this file. Even the root is unable to do so, until the attribute is removed. Let’s see this in action:
Let’s find out the current attributes of our payload.apk file:
lsattr payload.apk
--------------e------- payload.apk
Now, let’s add the attribute i:
chattr -V +i payload.apk
chattr 1.46.2 (28-Feb-2021) Flags of payload.apk set as ----i---------e-------
We’ve successfully set up the immutable attribute to the payload.apk file. Now let’s try to remove it:
rm payload.apk
rm: cannot remove 'payload.apk': Operation not permitted
As you can see, we really cannot remove this file. Even though I ran this command while logged in as root. Let’s try appending to the file:
echo append something >> payload.apk
zsh: operation not permitted: payload.apk
Again, operation not permitted. Now let’s try to move this file to another folder:
mv payload.apk new
mv: cannot move 'payload.apk' to 'new/payload.apk': Operation not permitted
Same thing! Let me remind you that I’m running all these commands as root. Now let’s try to remove the file after we clear the i or immutable attribute:
chattr -V -i payload.apk
chattr 1.46.2 (28-Feb-2021) Flags of payload.apk set as --------------e-------
Now try removing:
rm payload.apk
This time it worked and the file was removed. You may find this method of making a file unmodifiable quite useful. You could turn your important files to immutable, so you never delete those files accidentally.
Conclusion
In this tutorial, we covered what file attributes are Linux, and how you can change the attributes of a file or folder with the chattr command.
There are some scenarios where you might find setting a specific set of attributes to a file or a folder to be useful. One such case is covered in this article where you want the file to be immutable.
Another such case would be: allowing a file to only get appended, rather than editing or replacing its existing contents. This can be done using the a or append only attribute.
Remember to read about an attribute in detail before experimenting with it. For example, the u or undeletable attribute does not work on ext2, ext3, or ext4 file systems. Thus, setting the u attribute will not save the file from being deleted in these file systems.
We hope you liked reading this article. If you would like to know more about the attributes and the chattr command, use the manual page of the command by entering man chattr. Drop a comment below if you have any questions regarding the topic, and we’ll get back to you as soon as possible. Thank you for reading!
