{"id":436154,"date":"2022-04-22T16:30:00","date_gmt":"2022-04-22T13:30:00","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/how-to-use-the-chattr-command-on-linux\/"},"modified":"2022-04-22T16:30:00","modified_gmt":"2022-04-22T13:30:00","slug":"how-to-use-the-chattr-command-on-linux","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/how-to-use-the-chattr-command-on-linux\/","title":{"rendered":"#How to Use the chattr Command on Linux"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a29061930d59\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a29061930d59\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-use-the-chattr-command-on-linux\/#%E2%80%9CHow_to_Use_the_chattr_Command_on_Linux%E2%80%9D\" >&#8220;How to Use the chattr Command on Linux&#8221;<\/a><ul class='ez-toc-list-level-2' ><li class='ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-use-the-chattr-command-on-linux\/#Permissions_and_Attributes\" >Permissions and Attributes<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-use-the-chattr-command-on-linux\/#Looking_at_a_Files_Attributes\" >Looking at a File\u2019s Attributes<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-use-the-chattr-command-on-linux\/#Changing_a_Files_Attributes\" >Changing a File\u2019s Attributes<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-use-the-chattr-command-on-linux\/#Setting_the_Append_Only_Attribute\" >Setting the Append Only Attribute<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-use-the-chattr-command-on-linux\/#Setting_the_Immutable_Attribute\" >Setting the Immutable Attribute<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-use-the-chattr-command-on-linux\/#Dont_Rely_on_Secure_Deletion_on_ext4\" >Don\u2019t Rely on Secure Deletion on ext4<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-use-the-chattr-command-on-linux\/#Useful_But_Use_With_Caution\" >Useful, But Use With Caution<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9CHow_to_Use_the_chattr_Command_on_Linux%E2%80%9D\"><\/span>&#8220;How to Use the chattr Command on Linux&#8221;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div>\n<figure style=\"width: 1200px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"type:primaryImage wp-image-771470 size-full\" data-pagespeed-lazy-srcset=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2021\/11\/hero-1.png?width=398&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1 400w, https:\/\/www.howtogeek.com\/wp-content\/uploads\/2021\/11\/hero-1.png?width=1198&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1 1200w\" sizes=\"auto, 400w, 1200w\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2021\/11\/hero-1.png?width=1198&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Linux terminal on a red laptop background.\" width=\"1200\" height=\"675\" data-crediturl=\"https:\/\/www.shutterstock.com\/image-vector\/linux-interface-screen-notebook-world-map-321627716\" data-credittext=\"fatmawati achmad zaenuri\/Shutterstock\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\"><span class=\"type:primaryImage imagecredit\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.shutterstock.com\/image-vector\/linux-interface-screen-notebook-world-map-321627716\">fatmawati achmad zaenuri\/Shutterstock<\/a><\/span><\/figcaption><\/figure>\n<p>Along with the usual read, write, and execute file permissions, Linux files have another set of attributes that control other characteristics of the file. Here\u2019s how to see them and change them.<\/p>\n<h2 id=\"permissions-and-attributes\"><span class=\"ez-toc-section\" id=\"Permissions_and_Attributes\"><\/span>Permissions and Attributes<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>In Linux, who can access a file and what they can do with it is controlled by a user-centric set of\u00a0<em>permissions<\/em>. Whether you can read the contents of a file, write new data into the file, or execute a file if it is a <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">script<\/a> or a program, is all governed by that set of permissions. The permissions are applied to the file, but they define the restrictions and capabilities for different categories of user.<\/p>\n<p>There are permissions for the\u00a0<em>owner<\/em>\u00a0of the file, for the\u00a0<em>group<\/em>\u00a0of the file, and for\u00a0<em>others<\/em>\u2014that is, users who are not in the first two categories. You can use the <code>ls<\/code> command with the <code>-l<\/code> (long listing) option to see the permissions on a file or directory.<\/p>\n<p>To change the permissions, you use the <code>chmod<\/code> command. At least, you can if you have write permissions for the file, or if you\u2019re the root user.<\/p>\n<p>We can see that file permissions are user-centric because they award or remove permissions at the user level. By contrast, the\u00a0<em>attributes<\/em>\u00a0of a file are file system-centric. Like permissions, they\u2019re set on the file or directory. But once they\u2019re set, they\u2019re the same for all users.<\/p>\n<p>Attributes are a separate collection of settings from permissions. Attributes control characteristics such as immutability and other file system-level behaviors. To see the attributes of a file or directory we use the <code>lsattr<\/code> command. To set the attributes we use the <code>chattr<\/code> command.<\/p>\n<p>Permissions and attributes are stored inside\u00a0<em>inodes<\/em>. An inode is a\u00a0file system structure\u00a0that holds information about file system objects such as files and directories. A file\u2019s location on the hard drive, its creation date, its permissions, and its attributes are all stored within its inode.<\/p>\n<p>Because different file systems have different underlying structures and capabilities, attributes can behave differently\u2014or be completely ignored\u2014by some file systems. In this article, we\u2019re using <code>ext4<\/code>\u00a0which is the default file system for many Linux distributions.<\/p>\n<h2 id=\"looking-at-a-files-attributes\"><span class=\"ez-toc-section\" id=\"Looking_at_a_Files_Attributes\"><\/span>Looking at a File\u2019s Attributes<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The <code>chattr<\/code> and <code>lsattr<\/code> commands will already be present on your computer so there\u2019s no need to install anything.<\/p>\n<p>To check the attributes on the files in the current directory, use <code>lsattr<\/code>:<\/p>\n<pre>lsattr<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790682\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/1-1.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Listing file attributes for all files in a directory\" width=\"644\" height=\"210\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>The dashed lines are placeholders for attributes that are not set. The only attribute that is set is the <code>e<\/code> (extents) attribute. This shows that the file system inodes are using\u2014or will use if required\u2014<em>extents<\/em> to point to all portions of the file on the hard drive.<\/p>\n<p>If the file is held in one contiguous sequence of hard drive blocks, its inode only has to record the first and last blocks used to store the file. If the file is fragmented, the inode has to record the number of the first and last block of each piece of the file. These pairs of hard drive block numbers are called extents.<\/p>\n<p>This is the list of the most commonly used attributes.<\/p>\n<ul>\n<li><strong>a<\/strong>: Append only. A file with this attribute can only be appended to. It can still be written to, but only at the end of the file. It is not possible to overwrite any of the existing data within the file.<\/li>\n<li><strong>c<\/strong>: Compressed. The file is automatically compressed on the hard drive and uncompressed when it is read. Data written to the files is compressed before it is written to the hard drive.<\/li>\n<li><strong>A<\/strong>: No <code>atime<\/code>\u00a0updates. The <code>atime<\/code> is a value in an inode that records the last time a file was accessed.<\/li>\n<li><strong>C<\/strong>: No copy-on-write. If two processes request access to a file, they can be given pointers to the same file. They are only given their own unique copy of the file if they try to write to the file, making it unique to that process.<\/li>\n<li><strong>d<\/strong>: No dump. The Linux <code>dump<\/code> command is used to write copies of entire file systems to backup <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">media<\/a>. This attribute makes <code>dump<\/code> ignore the file. It is excluded from the backup.<\/li>\n<li><strong>D<\/strong>: Synchronous directory updates. When this attribute is turned on for a directory, all changes to that directory are written synchronously\u2014that is, immediately\u2014on the hard drive. Data operations can be buffered.<\/li>\n<li><strong>e<\/strong>: Extent format. The <code>e<\/code> attribute indicates that the file system is using extents to map the location of the file on the hard drive. You cannot change this with <code>chattr<\/code>. It is a function of the operation of the file system.<\/li>\n<li><strong>i<\/strong>: Immutable. An immutable file cannot be modified, including renaming and deleting. The root user is the only person who can set or unset this attribute.<\/li>\n<li><strong>s<\/strong>: Secure deletion. When a file with this attribute set is deleted, the hard drive blocks that held the file data are overwritten with bytes containing zeroes. Note that this is not honored by the <code>ext4<\/code> file system.<\/li>\n<li><strong>S<\/strong>: Synchronous updates. Changes to a file with its <code>S<\/code> attribute set are written to the file synchronously.<\/li>\n<li><strong>u<\/strong>: Deleting a file that has its <code>u<\/code> attribute set causes a copy of the file to be made. This can be beneficial to file recovery if the file was removed in error.<\/li>\n<\/ul>\n<h2 id=\"changing-a-files-attributes\"><span class=\"ez-toc-section\" id=\"Changing_a_Files_Attributes\"><\/span>Changing a File\u2019s Attributes<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The <code>chattr<\/code> command lets us change the attributes of a file or directory. We can use the <code>+<\/code> (set) and <code>-<\/code> (unset) operators to apply or remove an attribute, similar to the <code>chmod<\/code> command and permissions.<\/p>\n<p>The <code>chattr<\/code> command also has an\u00a0<code>=<\/code> (set only) operator. This sets the attributes of a file or directory to only the attributes that are specified in the command. That is, all attributes\u00a0<em>not<\/em>\u00a0listed on the command line are\u00a0<em>unset<\/em>.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Setting_the_Append_Only_Attribute\"><\/span>Setting the Append Only Attribute<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Let\u2019s set the append-only attribute on a text file and see how it affects what we can do with the file.<\/p>\n<pre>sudo chattr +a text-file.txt<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790685\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/2-1.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Setting the append only attribute on a text file\" width=\"644\" height=\"55\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>We can check to see that the append-only bit has been set by using <code>lsattr<\/code> :<\/p>\n<pre>lsattr text-file.txt<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790687\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/3-1.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Listing the attributes for a text file\" width=\"644\" height=\"95\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>The letter \u201c<code>a<\/code>\u201d indicates the attribute has been set.\u00a0Let\u2019s try to overwrite the file. Redirecting output to a file with a single angle bracket\u00a0 \u201c<code>&gt;<\/code>\u201d replaces all content in the file with the redirected output.<\/p>\n<p>We\u2019ve preloaded the text file with some <em>lorem ipsum<\/em> placeholder text.<\/p>\n<pre>cat text-file.txt<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790689\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/4.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Placeholder text in a text file\" width=\"644\" height=\"380\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>We\u2019ll redirect the output from <code>ls<\/code> into the file:<\/p>\n<pre>ls -l &gt; text-file.txt<\/pre>\n<pre>sudo ls -l &gt; text-file.txt<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790690\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/5.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Trying to overwrite an append-only text file \" width=\"644\" height=\"150\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>The operation is not permitted, even if we use the <code>sudo<\/code> command.<\/p>\n<p>If we use two\u00a0angle brackets\u00a0 \u201c<code>&gt;&gt;<\/code>\u201d to redirect output it is appended to the existing data in the file. That should be acceptable to our append-only text file.<\/p>\n<pre>sudo ls -l &gt;&gt; text-file.txt<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790691\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/6-2.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Redirecting output to the end of a text file\" width=\"644\" height=\"75\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>We\u2019re returned to the command prompt without any error messages. Let\u2019s peek inside the file to see what has happened.<\/p>\n<pre>cat text-file.txt<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790692\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/7-1.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Examining the contents of a text file\" width=\"644\" height=\"55\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>The redirected output from <code>ls<\/code> has been added to the end of the file.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790694\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/8-1.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"New data appended to an append only text file \" width=\"644\" height=\"380\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>Although we can append data to the file, that is the only change we can make to it. We can\u2019t delete it and neither can root.<\/p>\n<pre>rm text-file.txt<\/pre>\n<pre>sudo rm text-file.txt<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790696\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/9-1.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Failing to delete an append only text file\" width=\"644\" height=\"150\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Setting_the_Immutable_Attribute\"><\/span>Setting the Immutable Attribute<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>If you want to protect a file that will never have new data added to it, you can set the immutable attribute. This prevents all changes to the file, including appending data.<\/p>\n<pre>sudo chattr +i second-file.txt<\/pre>\n<pre>lsattr second-file.txt<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790699\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/10-1.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Setting the immutable attribute on a text file\" width=\"644\" height=\"130\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>We can see the \u201c<code>i<\/code>\u201d indicating the immutable attribute has been set. Having made our file immutable, even the root user can\u2019t rename it (<code>mv<\/code>), delete it (<code>rm<\/code>), or add data to it.<\/p>\n<pre>sudo mv second-file.txt new-name.txt<\/pre>\n<pre>sudo rm second-file.txt<\/pre>\n<pre>sudo ls -l &gt;&gt; second-file.txt<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790711\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/11-1.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"An immutable file resisting change\" width=\"644\" height=\"230\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Dont_Rely_on_Secure_Deletion_on_ext4\"><\/span>Don\u2019t Rely on Secure Deletion on ext4<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>As we pointed out, some operating systems do not support all of the attributes. The secure delete attribute is not honored by the <code>ext<\/code> family of file systems, including <code>ext4<\/code>. Don\u2019t rely on this for the secure deletion of files.<\/p>\n<p>It\u2019s easy to see that this doesn\u2019t work in <code>ext4<\/code>. We\u2019ll set the <code>s<\/code> (secure deletion) attribute on a text file.<\/p>\n<pre>sudo chattr +s third-file.txt<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790738\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/12.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Setting the secure deletion attribute on a text file\" width=\"644\" height=\"110\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>What we\u2019re going to do is find out the inode that holds the metadata about this file. The inode holds the first hard drive block occupied by the file.\u00a0The file contains some <em>lorem ipsum<\/em> placeholder text.<\/p>\n<p>We\u2019ll read that block directly from the hard drive to verify we\u2019re reading the correct hard drive location. We\u2019ll delete the file and then read that same hard dive block once more. If the secure deletion attribute is being honored, we should read zeroed bytes.<\/p>\n<p>We can find the inode of the file by using the <code>hdparm<\/code> command with the <code>--fibmap<\/code> (file block map) option.<\/p>\n<pre>sudo hdparm --fibmap third-file.txt<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790744\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/13.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Finding the inode of a file\" width=\"644\" height=\"190\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>The first hard drive block is 18100656. We\u2019ll use the <code>dd<\/code> command to read it.<\/p>\n<p>The options are:<\/p>\n<ul>\n<li><strong>if=\/dev\/sda<\/strong>: Read from the first hard drive on this computer.<\/li>\n<li><strong>bs=512<\/strong>: Use a hard drive block size of 512 bytes.<\/li>\n<li><strong>skip=18100656<\/strong>: Skip all blocks before block 18100656. In other words, start reading at block 18100656.<\/li>\n<li><strong>count=1<\/strong>: Read one block of data.<\/li>\n<\/ul>\n<pre>sudo dd if=\/dev\/sda bs=512 skip=18100656 count=1<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790768\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/14.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Reading the first hard drive block of a file\" width=\"644\" height=\"75\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>As expected we see the <em>lorem ipsum<\/em> placeholder text. We\u2019re reading the correct block on the hard drive.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790769\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/15-1.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"\" width=\"644\" height=\"315\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>Now we\u2019ll delete the file.<\/p>\n<pre>rm third-file.txt<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790771\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/16.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"\" width=\"644\" height=\"75\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>If we read that same hard drive block, we can still see the data.<\/p>\n<pre>sudo dd if=\/dev\/sda bs=512 skip=18100656 count=1<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-790777\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/17.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Reading the data from a hard drive block used by a deleted file\" width=\"644\" height=\"315\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>Again, don\u2019t depend on this for secure deletion on <code>ext4<\/code>.There are better methods available to delete files so that they can\u2019t be recovered.<\/p>\n<p><strong>RELATED:<\/strong> <strong><em>How to Securely Delete Files on Linux<\/em><\/strong><\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Useful_But_Use_With_Caution\"><\/span>Useful, But Use With Caution<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Setting the attributes of files can make them impervious to accidental disaster. If you can\u2019t delete or overwrite a file, it is pretty safe.<\/p>\n<p>You might think you\u2019d like to apply them to system files and make your Linux installation more secure. But system files need to be replaced periodically as updates are issued or upgrades are applied. For that reason, it\u2019s safest to only use these attributes on files of your own creation.<\/p>\n<p><strong>RELATED:<\/strong> <strong><em>How to Secure Your Linux Server with fail2ban<\/em><\/strong><\/p>\n<\/div>\n<p><script>\n setTimeout(function(){\n  !function(f,b,e,v,n,t,s)\n  {if(f.fbq)return;n=f.fbq=function(){n.callMethod?\n  n.callMethod.apply(n,arguments):n.queue.push(arguments)};\n  if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version='2.0';\n  n.queue=[];t=b.createElement(e);t.async=!0;\n  t.src=v;s=b.getElementsByTagName(e)[0];\n  s.parentNode.insertBefore(t,s) } (window, document,'script',\n  'https:\/\/connect.facebook.net\/en_US\/fbevents.js');\n   fbq('init', '335401813750447');\n   fbq('track', 'PageView');\n  },3000);\n<\/script><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.howtogeek.com\/790679\/how-to-use-the-chattr-command-on-linux\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;How to Use the chattr Command on Linux&#8221; fatmawati achmad zaenuri\/Shutterstock Along with the usual read, write, and execute file permissions, Linux files have another set of attributes that control other characteristics of the file. Here\u2019s how to see them and change them. Permissions and Attributes In Linux, who can access a file and what&#8230;<\/p>\n","protected":false},"author":1,"featured_media":436155,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2021\/11\/hero-1.png?height=200p&trim=2,2,2,2","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-436154","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/436154","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=436154"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/436154\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/436155"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=436154"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=436154"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=436154"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}