Skip to content


How to make RedHat files immutable?

Today, I found that LINUX file/directory object may be immutable! LINUX like any self respecting UNIX has the chmod, chown commands but in addition it has the chattr, which can make a file immutable (+i) to any change. It can “permanently” fix file/directory access time so it stays the same regardless of how many times the file is accessed +A. I really like the last one! If the s attribute is set on a file its blocks will be written with zeros on deletion making its data recovery impossible – security minded among us make a note!

[root@wmdql1 ~]# touch removeme
[root@wmdql1 ~]# ls -l removeme
-rw-r--r-- 1 root root 0 Jan 15 12:40 removeme

[root@wmdql1 ~]# lsattr removeme
-------------e- removeme

[root@wmdql1 ~]# chattr +i /root/removeme
[root@wmdql1 ~]# lsattr removeme
----i--------e- removeme

[root@wmdql1 ~]# chattr +A /root/removeme
[root@wmdql1 ~]# lsattr removeme
----i--A-----e- removeme

[root@wmdql1 ~]# chattr +s /root/removeme
[root@wmdql1 ~]# lsattr removeme
s---i--A-----e- removeme

[root@wmdql1 ~]# chattr -s /root/removeme
[root@wmdql1 ~]# lsattr removeme
----i--A-----e- removeme

[root@wmdql1 ~]# chattr -A /root/removeme
[root@wmdql1 ~]# lsattr removeme
----i--------e- removeme

[root@wmdql1 ~]# chattr -i /root/removeme
[root@wmdql1 ~]# lsattr removeme
-------------e- removeme

[root@wmdql1 ~]# ls -l removeme
-rw-r--r-- 1 root root 0 Jan 15 12:40 removeme
[root@wmdql1 ~]#

If you keep editing a file and your “staff” keeps on disappearing ….. remember this post and execute the lsattr command against your file. Who knows, maybe the file has been set to be “immutable” to changes which is the reason behind this post! 🙂

Posted in Linux, LINUX, Real life AIX.

Tagged with , , , , .


4 Responses

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.

  1. Jim Carstensen says

    Hmm, I wonder if the zero-on-delete flag would also be useful for thin provisioned LUNs that allow reclamation. EMC’s VMAX looks like it it will do it, assuming the full 768KB extent is zero’d.

  2. MarkD:-) says

    Jim,

    I wish I knew what you just said but thanks for you comment anyway 🙂

    MarkD

  3. Jim Carstensen says

    Hi Mark,

    We’re implementing new enterprise storage, and we can thin provision the volumes so to AIX it looks like it’s whatever size we want, but it allocates “real disk” as used instead of all up front. However, thin provisioning often is a one-way street in that once it’s allocated it’s there forever, even if it the files are deleted. The storage will add a chunk of real space whenever the OS writes needs more then it has, transparent to the OS.

    However, some storage can reclaim allocated space if whatever size chunk it uses is all zeros, freeing it for future use. This would allow volumes to be large for emergencies, but be able to put that space back for other systems later. A normal rm will only update the inode, so the bytes on the storage still hold their previous value until overwritten by new data.

    But if you zero out the file on delete, IF there’s nothing else on that chunk of space, it would be eligable to be reclamed by the storage.

    Now, there’s places for thin provisioning, it’s not for everything. But being able to reclaim makes it nicer, and being able to set a file to auto-zero could make things easier in some cases.

  4. MarkD:-) says

    Jim,

    you are a gentleman and a scholar too!
    Thanks for your time and your comment without which I would have known less.
    This is a very good information indeed. I miss the days I was AIX and SAN admin too …. 🙁

    Thanks a bunch!

    MarkD:-)



Some HTML is OK

or, reply to this post via trackback.

WordPress Anti Spam by WP-SpamShield



Copyright © 2016 - 2017 Waldemar Mark Duszyk. All Rights Reserved. Created by Blog Copyright.