Home > Developer > Linux

Introduction to the Linux File lock Protection Command chattr,

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Introduction to the Linux File lock Protection Command chattr,

Chattr command usage: Chattr [-RV] [-v version] [mode] files...
The most important part is in the [mode] section. The [mode] Section is composed of the +-= and [ASacDdIijsTtu] characters, which are used to control files.
Attribute.
+: Append parameters based on the original parameter settings.
-: Remove the parameter based on the original parameter settings.
=: Updated to the specified parameter settings.
A: The atime (access time) of a file or directory cannot be modified, which can effectively prevent I/O errors such as laptop disk errors.
S: Hard Disk I/O synchronization option, similar to sync.
A: Append. After this parameter is set, data can only be added to the file, but cannot be deleted. This attribute is mostly used for server log file security and can only be set by root.
C: Compresse: Specifies whether the file is compressed before being stored. Automatic decompression is required for reading.
D: No dump. the file cannot be the backup target of the dump program.
I: The set file cannot be deleted, renamed, or linked, and cannot be written or added. The I parameter is very helpful for security settings of the file system.
J: That is, journal. this parameter is set so that when a file system is mounted by the mount parameter: data = ordered or data = writeback, the file is first recorded (in journal) when written ). If the filesystem parameter is set to data = journal, this parameter is automatically invalid.
S: Confidential deletion of files or directories, that is, the hard disk space is all withdrawn.
U: In contrast to s, when set to u, the data content still exists in the disk and can be used for undeletion.
A and I are often used in each parameter option. Option a can only be added and cannot be deleted. It is mostly used for security settings of the log system. I is a more rigorous security setting. This option can be applied only to processes with superuser (root) or CAP_LINUX_IMMUTABLE processing capability (identifier.

Locked file: chattr + I file name

Unlock: chattr-I file name

Attribute view: lsattr file name

 

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More