Home IT Linux Windows Database Network Programming Server Mobile  
           
  Home \ Linux \ Increase Linux system security --chattr     - VMware virtual machine to install CentOS 7 (Linux)

- CentOS use wget (Linux)

- Use mysqldump MySQL database backup - Linux Shell Scripting (Database)

- Getting Started with Linux system to learn: how to install autossh (Linux)

- Installation JDK1.7 under Ubuntu14.04 64-bit (Linux)

- How to manage KVM virtual environments with command-line tools in Linux (Server)

- iptraf: A Practical TCP / UDP network monitoring tools (Linux)

- Linux upgrade GCC 4.8.1 clear and concise tutorials (Ubuntu 12.04 64-bit version as an example) (Linux)

- Java open source monitoring platform Zorka basic use (Linux)

- DM9000 bare Driver Design (Programming)

- Linux firewall anti-hacker disguise malicious attacks (Linux)

- Linux Shell Scripting multithreading (Programming)

- Verify the character set on MyCAT (Database)

- To install and deploy Java applications under CentOS 6.5 (Linux)

- How do I switch from NetworkManager to systemd-network on Linux (Linux)

- OpenSSL Introduction and compilation steps on Windows, Linux, Mac systems (Linux)

- Java annotations entry automatically generates SQL statements (Programming)

- floating IP in OpenStack neutron (Server)

- Nonstandard IMP-00010 error processing one case (Database)

- Linux operating system boot process analysis (Linux)

 
         
  Increase Linux system security --chattr
     
  Add Date : 2018-11-21      
         
       
         
  Chattr role is to modify the permissions ext3 / ext2 file system, it can only be used by the superuser, its function is to set the file's hidden attribute, the hidden attribute is set for the security of the system is of great help.

chattr usage:

chattr [-RV] [- + = AacDdijsSu] [-v version] file or directory

The main parameters

-R: Recursively all files and subdirectories.

-V: Detailed display content, and print output.

-: Failure property.

+: Active properties.

=: Specifies the property.

A: Atime, tell the system not to modify this file last access time.

S: Sync, once applications have been written to the file, the system is modified changes are written to disk.

a: Append Only, the system only allows additional data after this document, the process does not allow any cover or truncate the file. If the directory has this attribute, the system will only allow the establishment in this directory and modify files, but you can not delete any files.

i: Immutable, the system does not allow this document to make any changes. If the directory has this attribute, any process can only modify the files under the directory are not allowed to create and delete files.

D: Check the compressed file errors.

d: No dump, during file system backup, dump will ignore the file.

C: Compress, the system transparently compress the file. When reading from the file, the data is returned after decompression; and when writing data to the file, the data is first written to disk only after being compressed.

s: Secure Delete, delete the system at the time of this file, use the area filled with zeros file.

u: Undelete, when an application request to delete the file, the system will retain the data block for later able to recover the deleted files.

But one common options is only a two and i.

For example: # ls -l

-rw-r - r-- 1 root root 0 Mar 15 16:26 chattrtest

#chattr + i chattrtest

# Rm chattrtest

rm: remove write-protected regular empty file `chattrtest 'y?

rm: can not remove `chattrtest ': Operation not permitted

Tip can not be deleted, but the root can not be deleted.

Only after releasing settings can be deleted: #chattr -i chattrtest

When we set the hidden attribute, and how to view it?

Use lsattr command:

#lsattr -a chattrtest

---- I -------- chattrtest

Role lsattr is hidden attribute display file usage is: lsattr [-aR] file or directory

Parameters: -a hidden files property page is displayed

-R Data along with subdirectories are also shown out

These two commands in the use to be especially careful, otherwise it will cause a lot of trouble, such as the / etc / shadow password file attribute set i, then we want to add a user, you will not be increased in, so long as we place i attribute.
     
         
       
         
  More:      
 
- Getting jQuery - progress bar (Programming)
- Install Gnome Flashback Classic Desktop on Ubuntu 14.10 / Mint 7 (Linux)
- jQuery plugin dynamic label generation (Linux)
- Distributed transaction management Spring declarative transactions (Programming)
- Kubernetes cluster deployment (Server)
- GAMIT 10.50 installed in Ubuntu 12.04 system (Linux)
- HTML5 Application Cache (Programming)
- Oracle large table to clean truncate .. reuse storage (Database)
- Recent Consolidation Using Linux security module (Linux)
- To install the mail client terminal Evolution 3.13.2 under Ubuntu 14.04 (Linux)
- RVM installation instructions (Linux)
- Bootable ISO image using GRUB (Linux)
- MySQL multi-master multi-cluster deployment uses alive Galera (Database)
- Linux, Oracle listen address modification (Database)
- Linux install the Java Runtime Environment and the output Hello World under (CentOS) (Linux)
- ORA-600 [kcbz_check_objd_typ] Error Handling (Database)
- Let Linux boot methods to enter characters interface and set FrameBuffer resolution methods (Linux)
- 8 Docker knowledge you may not know (Server)
- Snort build a secure Linux server (Linux)
- linux raid levels and concepts introduced (Linux)
     
           
     
  CopyRight 2002-2016 newfreesoft.com, All Rights Reserved.