Setting hidden file attributes: chattr and lsattr explained in detail, with usage demonstrations

Keywords: Linux Operation & Maintenance server

chattr: setting file attributes

Syntax and options

chattr modifies the hidden attributes of files on the file system. In addition to normal and special permissions, files and directories can also carry these hidden attributes.

[root@zaishu ~]# chattr [+-=][attributes] file or directory name
chattr [-RVf] [-+=aAcCdDeijsStTu] [-v version] files...

1. Options
-R Recursive: process all files and subdirectories in the specified directory.
-v <version number> Set the version of the file or directory.
-V Display the command's execution process (verbose).
+<attributes> Turn on the given attributes of the file or directory.
-<attributes> Turn off the given attributes of the file or directory.
=<attributes> Set the attributes of the file or directory to exactly those given.

2. Attributes and their functions
Common attributes of the chattr command and what they do:

Attribute   Function
i           File: the file cannot be deleted or renamed, and data cannot be added or modified.
            Directory: data in the files under the directory can be modified, but files cannot be created or deleted.
a           File: data can only be appended to the file; existing data cannot be deleted or modified.
            Directory: files can be created and modified in the directory, but files cannot be deleted.
u           When a file or directory with this attribute is deleted, its contents are saved so that it can be recovered later. Often used to guard against accidental deletion.
s           The opposite of u: when the file or directory is deleted, it is completely erased and cannot be recovered.
A           The file access time (atime) is not updated.
c           The file or directory is compressed by default.
C           Copy-on-write is not performed: when multiple callers obtain the same resource and one caller modifies it, no copy is generated for the other callers.
d           Do not dump: the file or directory is ignored when the dump command is used for backup.
D           Check for errors in the compressed file.
e           Extent format.
j           Data journaling, system default.
S           Changes to the file content are written to disk immediately (sync).
t           Let the file system support tail merging.
T           Top of directory hierarchy.

Setting the i attribute on a file

Even the root user cannot delete a file with the i attribute set, or modify its data.

[root@localhost ~]# touch f1
# Create a test file
[root@localhost ~]# chattr +i f1
[root@localhost ~]# rm -rf f1
rm: cannot remove 'f1': Operation not permitted
# Cannot delete 'f1': operation not permitted
# Once the i attribute is set, even root cannot delete the file
[root@localhost ~]# echo 111 >> f1
bash: f1: Permission denied
# Permission denied: the data in the file cannot be modified

Setting the i attribute on a directory

If the i attribute is set on a directory, even the root user cannot create or delete files in the directory, but the contents of existing files can still be modified.
Removing the i attribute from a file that has it set is just as simple: change + to - in the chattr command.

[root@localhost ~]# mkdir d1
# Create a test directory
[root@localhost ~]# touch d1/abc
# Then create a test file abc
[root@localhost ~]# chattr +i d1
# Give the directory the i attribute
[root@localhost ~]# cd d1
[root@localhost d1]# touch bcd
touch: cannot touch 'bcd': Permission denied
# Cannot create 'bcd': permission denied; no new file can be created in the d1 directory
[root@localhost d1]# echo 11 >> abc
# The contents of an existing file can still be modified
[root@localhost d1]# cat abc
11

[root@localhost d1]# rm -rf abc
rm: cannot remove 'abc': Permission denied
# Cannot delete 'abc': permission denied

Setting the a attribute on a file or directory

If the a attribute is set on a directory, even the root user cannot delete files in the directory; new files can only be created.
If the a attribute is set on a file, data can only be appended to the file; existing data cannot be deleted or modified.

Removing the a attribute from a file that has it set is also easy: change + to - in the chattr command. The commands are as follows:

[root@localhost ~]# mkdir -p /back/log
# Create a backup directory
[root@localhost ~]# chattr +a /back/log
# Set the a attribute on the directory
[root@localhost ~]# cp /var/log/messages /back/log
# Files can still be copied into the directory and new files created there
[root@localhost ~]# rm -rf /back/log/messages
rm: cannot remove '/back/log/messages': Permission denied
# Cannot delete /back/log/messages: operation not allowed
A file with the a attribute cannot be overwritten (deleted or modified); it can only be appended to:

[root@zaishu ~]# touch test
[root@zaishu ~]# chattr +a test 

[root@zaishu ~]# echo "abc" >> test 
[root@zaishu ~]# echo "abc" > test 
-bash: test: Operation not permitted

Setting the A attribute on a file

With the A attribute set on a file, its access time does not change:

[root@node2 ~]# chattr +A 1
[root@node2 ~]# lsattr 1
-------A-------- 1
[root@node2 ~]# cat 1
ssadfdsafasdfsadfsadfsdfs

[root@node2 ~]# lsattr 1
-------A-------- 1
[root@node2 ~]# stat 1
  File: '1'
  Size: 27        	Blocks: 8          IO Block: 4096   regular file
Device: fd00h/64768d	Inode: 67174765    Links: 1
Access: (0644/-rw-r--r--)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2020-08-05 15:12:28.980059263 +0800
Modify: 2020-06-29 05:04:50.334865922 +0800
Change: 2020-08-05 15:12:54.451060321 +0800
 Birth: -
[root@node2 ~]# cat 1
ssadfdsafasdfsadfsadfsdfs

[root@node2 ~]# stat 1
  File: '1'
  Size: 27        	Blocks: 8          IO Block: 4096   regular file
Device: fd00h/64768d	Inode: 67174765    Links: 1
Access: (0644/-rw-r--r--)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2020-08-05 15:12:28.980059263 +0800
Modify: 2020-06-29 05:04:50.334865922 +0800
Change: 2020-08-05 15:12:54.451060321 +0800

Note: in general, do not use the chattr command to modify the hidden attributes of directories such as /, /dev/, /tmp/ and /var/; doing so can easily leave the system unable to start.

lsattr: viewing hidden attributes

The Linux lsattr command displays file system attributes. After setting hidden attributes on files or directories with the chattr command, use lsattr to view them.

[root@localhost ~]# lsattr [options] file or directory name
-a: With no file or directory name after it, displays all files and directories (including hidden files and directories).
-d: If the target is a directory, lists only the hidden attributes of the directory itself, not those of the files or subdirectories it contains.
-R: The opposite of -d: when applied to a directory, also displays the hidden attributes of its subdirectories.

View a file

[root@localhost ~]# touch attrtest
[root@localhost ~]# lsattr attrtest
-----------e- attrtest
[root@localhost ~]# chattr +aij attrtest
[root@localhost ~]# lsattr attrtest
----ia---j-e- attrtest

View all

[root@localhost ~]# lsattr -a
-----------e- ./.
------------- ./..
-----------e- ./.gconfd
-----------e- ./.bashrc
...

View directory

The /back/log directory has the a and e attributes:

[root@localhost ~]# lsattr -d /back/log
-----a------e- /back/log
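
Added example (not from the original article): a shell filter that reads lsattr output and reports which paths carry a given attribute, for instance to confirm that a log backup directory such as /back/log still has its a flag. The function names has_attr, verify_attr and sample_lsattr are hypothetical, and the sample listing is constructed, modelled on the outputs shown above.

```shell
#!/bin/sh
# Added example, not the article's code. lsattr prints "<flags> <path>" per
# entry; "lsattr -R" also emits blank lines and "./dir:" headers.

# has_attr FLAG: read lsattr output on stdin, print paths whose flags include FLAG.
has_attr() {
    flag=$1
    while IFS= read -r line; do
        case $line in
            *' '*) ;;                      # entry lines always contain a space
            *) continue ;;                 # blank line or header without spaces
        esac
        flags=${line%% *}                  # first field: attribute string
        path=${line#* }                    # remainder: path, spaces preserved
        case $flags in
            *[!A-Za-z-]*) continue ;;      # not a flag string (e.g. "./my dir:")
            *"$flag"*) printf '%s\n' "$path" ;;
        esac
    done
}

# verify_attr FLAG PATH: succeed only if PATH is listed with FLAG set.
verify_attr() {
    has_attr "$1" | grep -Fxq -- "$2"
}

# Constructed sample listing (hypothetical paths), shaped like "lsattr -R" output.
sample_lsattr() {
    cat <<'EOF'
----ia---j-e- ./attrtest
-----------e- ./.bashrc
-----a------e- ./back/log

./back/log:
-----------e- ./back/log/messages
----i------e- ./my notes.txt
EOF
}

# Demo on the constructed listing; on a real host pipe in e.g. "lsattr -d /back/log".
sample_lsattr | has_attr i
if sample_lsattr | verify_attr a ./back/log; then
    echo "./back/log is append-only"
fi
```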


Posted by quintus on Wed, 01 Dec 2021 07:31:04 -0800