Linux file systems support some additional attributes for files, attributes that can be assigned or changed using the chattr command. With chattr we can do the following:
• do not change the attribute that points to a file: if we set attribute A, Linux will not update the date when we accessed a specific file. This can reduce disk access time, which in particular can save laptop battery life (or you can edit a file at any time without seeing when you did that);
• just adding: With the ‘a’ attribute we can set a write ban in a specific file, except adding data to its end (append data). This is a security feature that prevents accidental or malicious file changes – useful, for example, in case of log files (logs);
• compression: the ‘c’ attribute causes the kernel to automatically compress the data written in the file and unzip it when reading it;
• immutability: the ‘i’ flag makes a file immutable, which means it can not be written, deleted, renamed, or accessed by links – not even by its owner until the attribute is removed;
• data logging: the ‘j’ flag sends the kernel to log all the data that is written in this file. This attribute improves the recovery time of the file after a system failure. Normally, the attribute has no effect on ext2 file systems;
• Secure Deletion: Normally, after deleting a file, it is marked as deleted, but its inode remembers that it can be recovered: the data blocks where the file is stored are not actually deleted from the hard disk. If we assign the ‘s’ flag we can change this behavior: when a file is deleted, the kernel fills the data blocks with zeros where it was, which makes it impossible to recover it – the attribute is extraordinarily useful for files containing sensitive data;
The list of attributes that can be changed with the chattr command is not complete – many more can be found by entering the command chattr in the terminal.
How the chattr command works
The chattr command runs only by the administrator and runs only on native Linux filesystems.
We can assign, remove or set a specific set of options to a file using the chattr command with the minus (-), plus (+), or equal (=) – will overwrite the existing attributes. For example, to add the immutability flag to a file, we use the command:
chattr +i important_file.txt
To remove this attribute, we will write the command:
chattr -i important_file.txt