"Immutable" ( chattr setting ) - When You Can't Change a File in GNU/Linux



So today I learned about a little thing in the GNU/Linux filesystem called "chattr" and making files "immutable". Basically you can have a plain text file that you think you have full permissions over and then not be able to modify it, rename it, delete it, etc. This nifty (and possibly maddening) trick can be setup with the "chattr" command. See my examples below...

Create a simple text file
shannon@ubuntu-star:~$ echo Linux Rocks > testfile

Check the permissions of the file you just created:
shannon@ubuntu-star:~$ ls -l testfile 
-rw-r--r-- 1 shannon users 12 2011-08-10 23:47 testfile

Note that in the above state, I can write to the file, `mv` the file to a different name, `rm` it, etc. Now, for the magic (Or "basic commands" for a "novice" type stuff, according to http://tldp.org/LDP/abs/html/basic.html )

Use chattr to set the "immutable" attribute to the file.
shannon@ubuntu-star:~$ sudo chattr +i testfile 

Notice how nothing special shows in `ls` for the file:
shannon@ubuntu-star:~$ ls -l testfile 
-rw-r--r-- 1 shannon users 12 2011-08-10 23:47 testfile

And yet, magic ensues.. I can't edit the file, mv the file, rm the file, etc (even as root):
shannon@ubuntu-star:~$ echo Say it Again >> testfile 
bash: testfile: Permission denied
shannon@ubuntu-star:~$ sudo echo Say it Again >> testfile 
bash: testfile: Permission denied
shannon@ubuntu-star:~$ mv testfile testfile2
mv: cannot move `testfile' to `testfile2': Operation not permitted
shannon@ubuntu-star:~$ sudo mv testfile testfile2
mv: cannot move `testfile' to `testfile2': Operation not permitted
shannon@ubuntu-star:~$ sudo rm testfile 
rm: cannot remove `testfile': Operation not permitted

Amazing!

So now to stop the madness:
shannon@ubuntu-star:~$ sudo chattr -i testfile
shannon@ubuntu-star:~$ mv testfile testfile2
shannon@ubuntu-star:~$ ls -l testfile2
-rw-r--r-- 1 shannon users 12 2011-08-10 23:47 testfile2

So if you ever find yourself not being able to edit a file, and if you already know the partition you're working on is not set to read-only, and if you already know that you have full permissions to change a file - maybe "immutable" is your problem...

Setting the immutable property is only one of the options for the chattr command, run `man chattr` to read about other things you can do.

So I learn something new with GNU/Linux every day. Is this awesome or what?

PS: If you've ever wondered what chmod 753 means, here's the answer:
7 -  "owner" gets to read/write/execute
5 -  "group" gets to read/execute
3 -  "others" gets to write/execute

Cheers!
Shannon VanWagner

Popular posts from this blog

How To Connect Ubuntu Linux to Cisco VPN with openconnect (anyconnect-capable alternative)

How To Set Default Grub / kernel / boot option on Ubuntu GNU/Linux 14.04

How To: Fix Samsung Galaxy Nexus MTP File Transfer for Ubuntu GNU/Linux 11.10