What is chattr and lsattr command in Linux and how to use them ?
In this article, we will look what are chattr and lsattr commands in Linux and how to use these commands.
1. What is chattr and lsattr ?
chattr corresponds to “change attribute” and used to change few file/filesystem attributes.
lsattr corresponds to “list attribute” and used to list few file/filesystem attributes.
2. Why to use chattr and lsattr ?
There are multiple attributes with a filesystem, and with files on a filesystem in Linux. Some of the attributes are controlled by chmod command which changes files’ permissions, some are controlled by tune2fs to modify filesystem attributes.
And few of such attributes that control files behavior/access are handled by chattr and lsattr command.
Sometimes we need to change these attributes and hence chattr/lsattr commands are required.
3. Package requirement
Ideally chattr/lsattr command package is already installed on default installation.
However still you can verify using below command.
[root@nglinux ~]# rpm -qa | grep -i e2fsprogs e2fsprogs-libs-1.41.12-23.el6.i686 e2fsprogs-1.41.12-23.el6.i686 [root@nglinux ~]#
If these commands are not available, then you need to install e2fsprogs rpm package using below command.
[root@nglinux ~]# yum install e2fsprogs Loaded plugins: fastestmirror, refresh-packagekit, security Setting up Install Process
4. How to list attributes with lsattr ?
Lets list attributes of a file:
[root@nglinux ~]# lsattr file1 -------------e- file1 [root@nglinux ~]#
In the above output, we can see there are no attributes set(all have -), except “e”.
Lets see what all attributes are supported by lsattr/chattr commmand and then we will see how to change these attributes.
5. List of all attributes shown in lsattr output.
If you count “-” in above lsattr output, you will find there are a total of 15 attributes supported by lsattr/chattr command. Out of these 14 attributes are as follows:
a: append only
c: compressed
d: no dump
e: extent format
i: immutable
j: data journalling
s: secure deletion
t: no tail-merging
u: undeletable
A: no atime updates
C: no copy on write
D: synchronous directory updates
S: synchronous updates
T: top of directory hierarchy
Hence “e” shown above in the lsattr output indicates that the file supports extent format.
The ‘e’ attribute indicates that the file is using extents for mapping
the blocks on disk. It may not be removed using chattr(1).
The last 15th attribute(only shown in lsattr and can’t be changed) has any 1 of the following character:
h: huge file
E: compression error
I: indexed directory
X: compression raw access
Z: compressed dirty file
6. How to change an attribute with chattr ?
Now we know all the attributes available with lsattr, lets check out how to change any of the attribute using chattr command.
To add the attribute we use “+”(addition sign) and to remove the attribute we use “-“(minus sign).
Example 1:- Disabling access time for a file
### Check current access time of the file. [root@nglinux ~]# ls -l --time=atime file1 -rw-r--r--. 1 root root 6 Jan 10 23:02 file1 ### Add attribute A to avoid access time update. [root@nglinux ~]# chattr +A file1 [root@nglinux ~]# lsattr file1 -------A-----e- file1 [root@nglinux ~]# ### Now read file1 to update access time. [root@nglinux ~]# cat file1 hello ### Now check access time, its not updated and same. [root@nglinux ~]# ls -l --time=atime file1 -rw-r--r--. 1 root root 6 Jan 10 23:02 file1 [root@nglinux ~]# ### Now remove atime property and see atime is updated. [root@nglinux ~]# chattr -A file1 [root@nglinux ~]# lsattr file1 -------------e- file1 [root@nglinux ~]# cat file1 hello [root@nglinux ~]# ls -l --time=atime file1 -rw-r--r--. 1 root root 6 Jan 10 23:09 file1 [root@nglinux ~]#
Example 2: Make a file immutable so that no one can delete the file.
We generally use this option to keep safe our files to avoid any accidental delete command.
[root@nglinux ~]# lsattr file1 -------------e- file1 ### Adding immutable flag. [root@nglinux ~]# chattr +i file1 [root@nglinux ~]# lsattr file1 ----i--------e- file1 ### Now try to remove the file. [root@nglinux ~]# rm -rf file1 rm: cannot remove `file1': Operation not permitted [root@nglinux ~]#
Now even the root can’t delete the file.
This is the magic of these file attributes in Linux.
I hope you liked the article. Do post your comments, suggestions or questions below.
How to Show File Attributes in Linux
Linux provides us the access control by file and directory permissions on three levels which are user, group, and other. These file permissions provide the basic level of security and access control.
Linux also has advanced access control features like ACLs (Access Control Lists) and attributes. Attributes define the properties of files. This guide describes what these attributes are and how we can access them.
Attributes in Linux
Some filesystems support additional attributes (other than those described in the preceding sections). In particular, some Linux-native filesystems support several attributes that you can adjust with the chattr command. The files and directories can have the following attributes:
Define each file attributes
The detailed meaning of these attributes according to the manual page is:
- a — append only: this attribute allows a file to be added to, but not to be removed. It prevents accidental or malicious changes to files that record data, such as log files.
- c — compressed: it causes the kernel to compress data written to the file automatically and uncompress it when it’s read back.
- d — no dump: it makes sure the file is not backed up in backups where the dump utility is used
- e — extent format: it indicates that the file is using extents for mapping the blocks on disk.
- i — immutable: it makes a file immutable, which goes a step beyond simply disabling write access to the file. The file can’t be deleted, links to it can’t be created, and the file can’t be renamed.
- j — data journaling: it ensures that on an Ext3 file system the file is first written to the journal and only after that to the data blocks on the hard disk.
- s — secure deletion: it makes sure that recovery of a file is not possible after it has been deleted.
- t — no tail-merging: Tail-merging is a process in which small data pieces at a file’s end that don’t fill a complete block are merged with similar pieces of data from other files.
- u — undeletable: When a file is deleted, its contents are saved which allows a utility to be developed that works with that information to salvage deleted files.
- A — no atime updates: Linux won’t update the access time stamp when you access a file.
- D — synchronous directory updates: it makes sure that changes to files are written to disk immediately, and not to cache first.
- S — synchronous updates: the changes on a file are written synchronously on the disk.
- T — and top of directory hierarchy: A directory will be deemed to be the top of directory hierarchies for the purposes of the Orlov block allocator.
How to list file attribute using lsattr command
Some Linux-native filesystems support several attributes that you can list with the lsattr command. To list attribute of files and sub-directory of the current directory, do
$ lsattr -----a-----------e- ./file1 ----i------------e- ./hello_dir -----------------e- ./usrcopy -----------------e- ./special_characters -----------------e- ./file3 -----------------e- ./contents -----------------e- ./hard_link -----------------e- ./usrlistingHere we can see that the directory ‘hello_dir’ is immutable, and the file named ‘file1’ is append only file.
You can list the attribute of the contents of a particular directory with lsattr command followed with a file or directory name as the argument.
$ lsattr script-test/-------------e-- script-test/password-gen.sh -------------e-- script-test/continue.sh -------------e-- script-test/hello -------------e-- script-test/folder1
As the ls -l command, the -d option with lsattr will list the attributes of the directory itself instead of the files in that directory.
$ # lsattr -d script-test/ -------------e-- script-test/The -R option will list the attributes of a directory recursively. It means that it will show the attributes of the sub-directories’s contents
$ lsattr -R script-test/ -------------e-- script-test/password-gen.sh -------------e-- script-test/continue.sh -------------e-- script-test/hello -------------e-- script-test/folder1 script-test/folder1: ----i--------e-- script-test/folder1/file1You can see that, it shows the attributes of the content of ‘folder1’ too
You can have the version of the program with the -V option
$ lsattr -V lsattr 1.42.9 (28-Dec-2013) -------------e-- ./jdk-8u65-linux-x64.tar.gz -------------e-- ./ttyrec-1.0.6-1.i586.rpm.1 -------------e-- ./bootstrapConclusion
Although there are quite a few attributes that can be used, you should be aware that most attributes are rather experimental and only of any use if an application is employed that can work with the given attribute.
If this resource helped you, let us know your care by a Thanks Tweet. Tweet a thanks
Linux lsattr Command: Display File System Attributes
The lsattr command in Linux is used to list the attributes of files and directories on an ext2, ext3, or ext4 filesystem. File attributes are special flags that can be set on a file to modify its behavior or restrict its access. In this tutorial, we will explain the basics of the lsattr command and its usage.
1. Basic Usage
To list the attributes of a file or directory, simply run the lsattr command followed by the file or directory path:
The output will display the file attributes along with the file name:
The dashes — indicate that the attribute is not set, while a letter indicates an active attribute. In the example above, the e attribute is set, which signifies that the file is using extents for mapping the disk blocks.
2. Understanding File Attributes
Here are some common file attributes that can be displayed using lsattr :
- a (append only): The file can only be opened in append mode, meaning data can be added but existing content cannot be modified or deleted.
- c (compressed): The file is automatically compressed by the filesystem.
- d (no dump): The file is not included when creating backups using the dump command.
- e (extents): The file uses extents for mapping the disk blocks (common in ext4 filesystems).
- i (immutable): The file cannot be modified, deleted, or renamed; no link can be created to it.
- j (journaling): The file’s data is written to the journal before being written to the main file system.
- s (secure deletion): The file’s space is overwritten with zeros when the file is deleted.
- u (undeletable): The file’s content is saved after deletion, allowing it to be undeleted later.
- A (no atime updates): The access time ( atime ) of the file is not updated when the file is accessed.
3. List Attributes for Directories
To list the attributes of files within a directory, use the -R (recursive) option:
This command will display the attributes of all files and subdirectories within the specified directory.
4. Combining lsattr with other commands
You can also use lsattr in conjunction with other commands using pipes. For example, to list all files in a directory with the immutable attribute set, you can use the following command:
lsattr -R /path/to/directory | grep -E "^----i"
In summary, the lsattr command is a useful tool for listing the attributes of files and directories in Linux. Understanding file attributes can help you manage files more effectively and apply specific behaviors or restrictions when necessary. By following this tutorial, you can use lsattr to view and understand the attributes of your files and directories.
Professional provider of PDF & Microsoft Word and Excel document editing and modifying solutions, available for ASP.NET AJAX, Silverlight, Windows Forms as well as WPF. We are dedicated to provide powerful & profession PDF/Word/Excel controls.