The invisible file permission

Home > linux > The invisible file permission – chattr command

The invisible file permission – chattr command

August 25th, 2010 madiga Leave a comment Go to comments

According to the chattr man page…chattr changes file attributes on a Linux second extended file system. So in addition to the usual chown/chmod etc. commands, the permissions you apply to a file or directory using chattr is not visible unless lsattr is command is used.

Applying chattr against certain files on the system can be very helpful such as locking down the /etc/shadow file or other configuration files.

To make file httpd.conf write protected so no one can modify it, type the command:

chattr +i /etc/httpd/conf/httpd.conf

The above command will not allow anyone including root to write to it, modify it and even delete it from the system. In order for root to write to it, it would have to use chattr again to remove the read-only flag.

To remove the read only and allow writes, type:

chattr -i /etc/httpd/conf/httpd.conf

Peace.

Categories: linux Tags: chattr, howto

Comments (0) Trackbacks (0) Leave a comment Trackback

No comments yet.

No trackbacks yet.

How to: Find the model and serial number of a Linux server Tool of the week – xclip

MYNITOR.COM