Chattr syntax: [root @ test/root] # chattr [+-=] [ASacdistu] [file or directory name] parameter description: +-=: [+ add] [-decrease] [= Set] attribute meaning A: When the attribute A is set, the access time of the file (or directory) is atime (access) it cannot be modified to avoid chattr, for example, when portable computers are prone to disk I/O errors.
Syntax: [root @ test/root] # chattr [+-=] [ASacdistu] [file or directory name]
Parameter description:
+-=: [+ Add] [-decrease] [= Set] attribute meanings respectively
A: When the attribute A is set, the access time of the file (or directory) atime (access) cannot be modified,
This can avoid disk I/O errors for portable computers!
S: This function is similar to the sync function! Data is synchronized to the disk! This effectively prevents data loss!
A: After setting a, this file can only add data, but cannot be deleted. only root can set this attribute.
C: After this attribute is set, the file will be automatically compressed and automatically decompressed during reading!
However, during storage, data will be compressed before being stored (it seems useful for large files !)
D: when the dump (backup) program is executed, setting the d attribute will enable the file (or directory) to be dump!
I: This is amazing! He can make an archive "cannot be deleted, renamed, set links cannot be written or new data can be added !』
Great help for system security!
J: when the file system format ext3 is used, setting the j attribute will record the file in journal before writing!
However, when the filesystem parameter is set to data = journalled, this attribute is invalid because the log has been set!
S: when the file sets the s parameter, it will be completely removed from the hard disk space.
U: opposite to s. when u is used to set the file, the data content still exists in the disk and can be used for undeletion.
Example:
[Root @ test/root] # chattr + I/etc/shadow <= haha! In this case, the file cannot be changed ??? Br/> [root @ test/root] # chattr-I/etc/shadow <= remove this attribute!
Note:
This command is important, especially for system security! Because these properties are hidden, you need to use lsattr to see this property!
I personally think that the most important attribute is the property of + I, because it can make an archive unable to be changed. for those who need strong system security,
It's really important! There are a lot of attributes that need to be set by root! In addition, if it is a log file login file, you need more
+ A can be added but will not be killed! How? Great! When talking about the logon profile in the future, let's talk about how to set it up!
• Lsattr
Syntax:
[Root @ test/root] # lsattr [-aR]
Parameter description:
-A: shows the properties of hidden files;
-R: the data in the subdirectories are also listed!
Example:
[Root @ test/root] # chattr + I. bash_logout
[Root @ test/root] # lsattr-
--------------./.
--------------./..
--- I ----------./. bash_logout
--------------./. Bash_profile
--------------./. Bashrc
--------------./. Emacs
--------------./. Screenrc
Note:
These two commands must be used with caution. for example, if you are in a good mood one day, you will suddenly set the important password record file/etc/shadow
With the I attribute, after several days, you suddenly want to add new users, but never add new users! Don't doubt, please remove the I attribute!
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
