How to Prevent File/Directory Modification, Deletion and Renaming in Linux?

If you are looking to prevent any file from being modified, delete or renaming, you will need to set the immutable flag on it. It can set on files or directories. Once the immutable flag is added, files/folders can't be modified or deleted. If you have added an immutable flag and want to make changes in your files, you will need to remove the immutable flag. It is an extended file system attribute.

Please refer to the following steps to set the immutable flag. You will require to log in with root to set the immutable flag.

  1. First, we will create a file named test.txt with the below command.

    # touch test.txt
    
  2. Use lsattr command to check the extended attribute. By default, there is only 'e' is present.

    # lsattr test.txt
    
  3. We will add some content on the test.txt and it should work fine as we haven't made any changes yet.

    # echo This is a test of immutable flage >> test.txt
    # cat test.txt
  4. Let us use chattr command to set +i flag. Here, i mean immutable.

    # sudo chattr +i test.txt
  5. Now we will use the below command to verify the immutable for the file test.txt

    # lsattr test.txt

          Output :

----i---------e---- test.txt
  1. As per the above output test.txt is now immutable. We will try to modify or delete the same file.

    # echo test-modification >> test.txt
    -bash: test.txt: Permission denied
    # rm -f test.txt
    rm: cannot remove ‘test.txt’: Operation not permitted
    #  mv test.txt test2.txt
    mv: cannot move ‘test.txt’ to ‘test2.txt’: Operation not permitted

    As per the above error, we can see that file is not been able to modify or delete as we have set the immutable flag on it. Please note that if you set immutable to any of the folder, it will set the immutable flag for entire files/folders inside the same folder.

  2. If you want to make changes on the same file, you will need to remove the immutable. Following command will remove the immutable flag from any of the file.
    # chattr -i test.txt
  3. We will verify that immutable flag is not removed.

    # lsattr test.txt

Output :

-------------e-- test.txt

          Now, you can modify or delete the file without any issue.

  • 0 Users Found This Useful

Was this answer helpful?

Related Articles

How to Hide Your NGINX Server Version.

Sometimes hackers target your server with a technic called banner grabbing. Usually, banner...

How to deploy Mean.js application to Linux VPS?

Upload Mean.js Files via SFTP In FileZilla Once your mean.js webcontent is ready, you need to...

How to install the Zabbix agent version 4.0 on Debian 9 (strech)?

Zabbix is an Open-source monitoring tool use to monitor the health of servers, networks and other...

Can I open APN port 2195 on my VPS?

You will get full administrative control of your VPS, therefore you can surely open/close any...

Fix :: SSH Error: Starting sshd: Missing privilege separation directory: /var/empty/sshd

Problem Statement Could not connect to Linux machine through SSH. Error Message While starting...