Prevent Files And Folders From Accidental Deletion Or Modification In Linux

Prevent Files And Folders From Accidental Deletion Or Modification In Linux

Data protection is one of the main job of a System administrator. There are numerous free and commercial data protection softwares are available on the market. But, as you might know, there is a simple, yet useful commandline utility called “chattr” (abbreviation of Change Attribute) which can be used to prevent files and folders from accidental deletion in Unix-like distributions. It applies certain attributes to a file or folder in your Linux system. So the users can’t delete or modify the files and folders either accidentally or intentionally, even as root user. Sounds useful, isn’t it?

In this brief tutorial, we are going to see how to use chattr in real time in-order to prevent files and folders from accidental deletion in Linux.

Prevent Files And Folders From Accidental Deletion Or Modification In Linux

By default, Chattr is available in most modern Linux operating systems. Let us see some examples.

The default syntax of chattr command is:

chattr [operator] [switch] [filename]

chattr has the following operators.

  • The operator ‘+’ causes the selected attributes to be added to the
    existing attributes of the files;
  • The operator ‘-‘ causes them to be removed;
  • The operator ‘=’ causes them to be the only attributes that the files have.

Chattr has different attributes namely – aAcCdDeijsStTu. Each letter applies a particular attributes to a file.

  • a – append only,
  • A – no atime updates,
  • c – compressed,
  • C – no copy on write,
  • d – no dump,
  • D – synchronous directory updates,
  • e – extent format,
  • i – immutable,
  • j – data journalling,
  • P – project hierarchy,
  • s – secure deletion,
  • S – synchronous updates,
  • t – no tail-merging,
  • T – top of directory hierarchy,
  • u – undeletable.

In this tutorial, we are going to discuss the usage of two attributes, namely a, i which are used to prevent the deletion of files and folders.

Prevent files from accidental deletion

I am going to create a file called file.txt in my current directory.

touch file.txt

Now, I am going to apply “i” attribute which makes the file immutable. It means you can’t delete, modify the file, even if you’re the file owner and the root user.

sudo chattr +i file.txt

You can check the file attributes using command:

sudo lsattr file.txt

Sample output:

----i---------e---- file.txt

Now, try to remove the file either as a normal user or with sudo privileges.

rm file.txt

Sample output:

rm: cannot remove 'file.txt': Operation not permitted

Let me try with sudo command:

sudo rm file.txt

Sample output:

rm: cannot remove 'file.txt': Operation not permitted

Let us try to append some contents in the text file.

echo 'Hello World!' >> file.txt

Sample output:

bash: file.txt: Operation not permitted

Try with sudo privilege:

sudo echo 'Hello World!' >> file.txt

Sample output:

bash: file.txt: Operation not permitted

As you noticed in the above outputs, We can’t delete or modify the file even as root user.

To revoke attributes, just use “-i” switch as shown below.

sudo chattr -i file.txt

Now, the immutable attribute has been removed. You can now delete or modify the file.

rm file.txt

Similarly, you can restrict the directories from accidental deletion or modification as described in the next section.

Prevent folders from accidental deletion and modification

Create a directory called dir1 and a file called file.txt inside this directory.

mkdir dir1 && touch dir1/file.txt

Now, make this directory and its contents (file.txt) immutable using command:

sudo chattr -R +i dir1

Where,

  • -R – will make the dir1 and its contents immutable recursively.
  • +i – makes the directory immutable.

Now, try to delete the directory either as normal user or using sudo user.

rm -fr dir1
sudo rm -fr dir1

You will get the following output:

rm: cannot remove 'dir1/file.txt': Operation not permitted

Try to append some contents in the file using “echo” command:

See? You can’t modify it either.

To revoke the attributes back, run:

sudo chattr -R -i dir1

Now, you can delete or modify the contents of this directory as usual.

Prevent files and folders from accidental deletion, but allow modification

We know now how to prevent files and folders from accidental deletion and modification. Next, we are going to prevent files and folders from deletion, but allow modification.

To do so, run the following command:

For files:

sudo chattr +a file.txt

For directories: 

sudo chattr -R +a dir1

The “+a” option will allow you to modify the file or folder, but you can’t delete it.

Add some contents to the file(s) to check whether it works or not.

echo 'Hello World!' >> file.txt
echo 'Hello World!' >> dir1/file.txt

Check the file contents using cat command:

cat file.txt
cat dir1/file.txt

Sample output:

Hello World!

You will see that you can now be able to append the contents. It means we can modify the files and folders.

Let us try to delete the file or folder now.

rm file.txt

Output:

rm: cannot remove 'file.txt': Operation not permitted

Let us try to delete the folder:

rm -fr dir1/

Sample output:

rm: cannot remove 'dir1/file.txt': Operation not permitted

To remove the attributes, run the following commands:

For files:

sudo chattr -R -a file.txt

For directories: 

sudo chattr -R -a dir1/

Now, you can delete or modify the files and folders as usual.

For more details, refer the man pages.

man chattr

That’s all for now. You know now how to apply file attributes to files and folders using chattr command, and how to prevent them from accidental deletion or modification. This can be useful to protect the important system files and data in your Linux system.

Cheers!

Thanks for stopping by!

How can I benefit from this blog:

Have a Good day!!

  • Wow, I didn’t know about this feature. Only knew about setting file/directory permissions. Thanks for the tutorial.

  • Bishwajit Samanta

    Wowwwwwww awesome feature