A very useful Linux tip on how to make files and directories undeletable even by the root user. You can apply this tip to all important configuration files so that no one accidentally or intentionally deletes them. To achieve this, the chattr (Change Attribute) command is used in Linux. The chattr command “immunizes” the file not only from deletion but also from modification. The chattr command does not care about chmod values: even if a file has 777 permissions, immunizing the file will prevent it from being deleted or modified.
chattr +i /path/to/filename
The above command adds the “immutable” flag to the file. Try removing the file with the rm command and you’ll receive the error:
rm: cannot remove `file’: Operation not permitted
The same will happen when you try to modify this file. You can also add the immutable flag to directories.
chattr +i /path/to/directory
This makes the directory undeletable: you cannot create new files inside it, and existing files can be modified but CANNOT be deleted. To recursively immunize everything inside a directory:
chattr -R +i /path/to/directory
How to remove the immutable flag?
If you ever want to delete the file, the immutable attribute must be removed first. For this, just use a minus (-) symbol in place of the plus (+):
chattr -i /path/to/file
You can do the same for directories too.
How to view file attributes?
To find out the attributes of a file, including whether the file is immunized:
lsattr /path/to/directory
The lsattr command will produce output similar to the one below:
----i------------e- ./file
----i------------e- ./dir
-----------------e- ./file2
The letter ‘i’ shows that a file has the immutable attribute. About the letter ‘e’, the man page of chattr says:
The ‘e’ attribute indicates that the file is using extents for mapping the blocks on disk. It may not be removed using chattr(1).
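An added example (not part of the original article): a small script that reads lsattr output and lists only the entries carrying the immutable flag, which is handy for auditing what has been immunized before an update or cleanup. The function names and the sample lines beyond the three shown above are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report which entries in lsattr output carry the immutable flag.

# immutable_paths: read `lsattr` or `lsattr -R` output on stdin and print the
# path of every entry whose flag field contains a lowercase i.
immutable_paths() {
    awk '
        # Blank lines and single-word "dir:" headers have fewer than 2 fields.
        NF < 2 { next }
        # A real entry starts with a flag field made only of letters and dashes;
        # header lines start with a path, so they fail this test.
        $1 !~ /^[-A-Za-z]+$/ { next }
        # Lowercase i = immutable (uppercase I is a different attribute).
        index($1, "i") {
            # Drop the flag field plus one space and keep the rest verbatim,
            # so paths containing spaces are not split.
            print substr($0, length($1) + 2)
        }
    '
}

# audit_immutable DIR: hypothetical wrapper that runs lsattr recursively on DIR.
# Errors (for example, filesystems without attribute support) are discarded.
audit_immutable() {
    lsattr -R "$1" 2>/dev/null | immutable_paths
}

# Constructed sample: the three lines from the article, followed by a blank
# line, a directory header and two made-up entries as `lsattr -R` would add.
SAMPLE='----i------------e- ./file
----i------------e- ./dir
-----------------e- ./file2

./dir:
----i------------e- ./dir/my notes.txt
-----------------e- ./dir/index.html'

# Prints ./file, ./dir and "./dir/my notes.txt", one per line.
printf '%s\n' "$SAMPLE" | immutable_paths
```

On a real system, run `audit_immutable /path/to/directory` as root to get the same listing from live data.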
Sam McAllister says
Thanks !
Philip Rhoades says
This is ALMOST what I need:
On a number of occasions I have accidentally deleted all the files in my RoundCubeMail Sent dir – I have always managed to recover nearly everything from backups but it annoys me to lose even insignificant mails. I need a Sent dir where mails are continuously created as normal but created with the “chattr +i” option so they can’t be deleted – but that does not seem possible? The only way I can see to do that is to use something like inotifywait and automatically change every new file created . .
Any other ideas?
Thanks,
Phil.
Jesin A says
Hi Phil,
You could set the following to run as a cronjob every hour (/etc/cron.hourly/) as the root user:
The regular expression used in grep is not perfect but should work in most cases. I got it from http://unix.stackexchange.com/a/132796
Philip Rhoades says
Jesin,
Thanks for that but I think an inotifywait scriptlet would be better – that would do the job as soon as a file was created. It would be nice if there was a bit set option on the directory that would do it automatically but that doesn’t seem to exist . .
P.
Allan says
Hi, I need your help…
I need to remove all attributes in all “folders and files” in my folder “public_html” on my site….
How can I remove them in all files and folders with one command??
I tried but it doesn’t work….
-type f -exec chattr +i \{\} \;
Thanks
Jesin A says
Hi Allan,
Try this inside the public_html directory