Do you need to set a file so nobody can delete or edit it? Simple! Set the immutable attribute on the file.
Suppose you have an important info.txt file, a frequently asked questions file, a set of instructions, or even installation scripts that exist on a Samba share. Perhaps these files are accessible via SSH or FTP where write permissions are granted. In any case, they must not be deleted or tampered with, even by root.
The immutable attribute makes it so not even root can delete or modify the files, and it is affected using the chattr command. Suppose we want to info.txt file from deletion or modification.
Set the immutable attribute:
sudo chattr +i info.txt
Unset the immutable attribute:
sudo chattr -i info.txt
+i sets the immutable attribute
-i clears the immutable attribute
Even if you are the file owner, you cannot edit or delete the file. Not even a sudo rm info.txt will remove the file if its immutable attribute is set. However, the files can still be read if read permissions exist. This can be a useful workaround for public file shares where write access is needed but you do not want certain files deleted.
Be sure to use sudo even if you own the file or else Bash will return an error: “chattr: Operation not permitted while setting flags on info.txt”
To read the file’s attributes to check if the immutable attribute is set, type
You should see something like this in the output:
man chattr provides additional details.