Protecting IMPORTANT file in Linux
Sometimes, by mistake you (as root) can delete some of the important files from your linux machine. It can be a ".conf" file for any important server or anyother file that is important for you.
As root user, you have all the rights to do whatever you wish to do on the system. It is indeed a good thing and a blessing but sometimes this EXTRA power can be dangerous. Imagine giving "
PHP Code:
rm -rf /etc/mail/
" -- this can delete all your mail server configuration files.
There is a small HACK (hack means intelligent program) to make your important files IMMUTABLE (even root cannot remove them accidently).
There is a command "chattr" that can be used to make your important files protected against accident removals.
The syntax is:
PHP Code:
chattr +i filename
i means - A file with the ‘i’ attribute cannot be modified: it cannot be deleted or renamed, no link can be created to this file and no data can be written to the file.
So your important files are protected against accident removal and data manipulation. Here I am showing one example:
Showing the importance of "chattr" command
1. I had created a file "impfile" under /tmp
2. Make it "immutable" using "chattr command" -- chattr +i impfile
3. Tried to delete the file (login as root user) -- FAILED
4. Tried to modify the contents of file (as root user) -- FAILED
5. Tried to create a link of the file (as root user) -- FAILED
Now that's a HACK!!!!
PS: whenever you wish to remove the file, for any reasons just give:
PHP Code:
chattr -i filename
and then delete it, as usual. As shown:
showing how to delete a file having chattr -i option set
No comments:
Post a Comment