Skip to content

How to lock important file on Linux

Introduction

In Linux, the command to modify file attributes is chattr. This command can modify the file attributes of the EXT2, EXT3, EXT4 file system, but this command must be executed by the super user root. The corresponding command is lsattr, which is used to query file attributes.

Usage

chattr +i /etc/sudoers
chattr +i /etc/shadow
chattr +i /etc/passwd
chattr +i /etc/grub.conf

+i is the immutable option, which is used to set the file cannot be modified, deleted, renamed, set link, and cannot write or add content.

chattr +a /var/log/messages
chattr +a /var/log/wtmp

FOr some important log files, you can add the +a option, where +a is append, which means that after setting this option, you can only add data to the file, but not delete it.

Disclaimer
  1. License under CC BY-NC 4.0
  2. Copyright issue feedback me#imzye.me, replace # with @
  3. Not all the commands and scripts are tested in production environment, use at your own risk
  4. No privacy information is collected here
Try iOS App