File Immutable Attribute

Do you need to set a file so nobody can delete or edit it? Simple! Set the immutable attribute on the file.

Suppose you have an important info.txt file, a frequently asked questions file, a set of instructions, or even installation scripts that exist on a Samba share. Perhaps these files are accessible via SSH or FTP where write permissions are granted. In any case, they must not be deleted or tampered with, even by root.

The immutable attribute makes it so not even root can delete or modify the files, and it is affected using the chattr command. Suppose we want to info.txt file from deletion or modification.
Set the immutable attribute:

sudo chattr +i info.txt

Unset the immutable attribute:

sudo chattr -i info.txt

+i sets the immutable attribute
-i clears the immutable attribute

Even if you are the file owner, you cannot edit or delete the file. Not even a sudo rm info.txt will remove the file if its immutable attribute is set. However, the files can still be read if read permissions exist. This can be a useful workaround for public file shares where write access is needed but you do not want certain files deleted.

Be sure to use sudo even if you own the file or else Bash will return an error: “chattr: Operation not permitted while setting flags on info.txt”

To read the file’s attributes to check if the immutable attribute is set, type

lsattr info.txt

You should see something like this in the output:

----i------------e- info.txt

man chattr provides additional details.


, ,

  1. Leave a comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: