Chattr role is to modify the permissions ext3 / ext2 file system, it can only be used by the superuser, its function is to set the file's hidden attribute, the hidden attribute is set for the security of the system is of great help.
chattr [-RV] [- + = AacDdijsSu] [-v version] file or directory
The main parameters
-R: Recursively all files and subdirectories.
-V: Detailed display content, and print output.
-: Failure property.
+: Active properties.
=: Specifies the property.
A: Atime, tell the system not to modify this file last access time.
S: Sync, once applications have been written to the file, the system is modified changes are written to disk.
a: Append Only, the system only allows additional data after this document, the process does not allow any cover or truncate the file. If the directory has this attribute, the system will only allow the establishment in this directory and modify files, but you can not delete any files.
i: Immutable, the system does not allow this document to make any changes. If the directory has this attribute, any process can only modify the files under the directory are not allowed to create and delete files.
D: Check the compressed file errors.
d: No dump, during file system backup, dump will ignore the file.
C: Compress, the system transparently compress the file. When reading from the file, the data is returned after decompression; and when writing data to the file, the data is first written to disk only after being compressed.
s: Secure Delete, delete the system at the time of this file, use the area filled with zeros file.
u: Undelete, when an application request to delete the file, the system will retain the data block for later able to recover the deleted files.
But one common options is only a two and i.
For example: # ls -l
-rw-r - r-- 1 root root 0 Mar 15 16:26 chattrtest
#chattr + i chattrtest
# Rm chattrtest
rm: remove write-protected regular empty file `chattrtest 'y?
rm: can not remove `chattrtest ': Operation not permitted
Tip can not be deleted, but the root can not be deleted.
Only after releasing settings can be deleted: #chattr -i chattrtest
When we set the hidden attribute, and how to view it?
Use lsattr command:
#lsattr -a chattrtest
---- I -------- chattrtest
Role lsattr is hidden attribute display file usage is: lsattr [-aR] file or directory
Parameters: -a hidden files property page is displayed
-R Data along with subdirectories are also shown out
These two commands in the use to be especially careful, otherwise it will cause a lot of trouble, such as the / etc / shadow password file attribute set i, then we want to add a user, you will not be increased in, so long as we place i attribute.