Movatterモバイル変換

[0]ホーム

Jump to content

chattr

Edit links

From Wikipedia, the free encyclopedia

Command in Linux

Not to be confused withChatr.

chattr
Original author(s)	Remy Card
Operating system	Linux
Platform	Cross-platform
Type	Command

chflags
Operating system	BSD-like systems, includingmacOS
Platform	Cross-platform
Type	Command

chattr is thecommand inLinux that allows a user to set certainattributes of a file.lsattr is the command that displays the attributes of a file.

MostBSD-like systems, includingmacOS, have always had an analogouschflags command to set the attributes, but no command specifically meant to display them; specific options to thels command are used instead. The chflags command first appeared in4.4BSD.

Solaris has no commands specifically meant to manipulate them.chmod^[1] andls^[2] are used instead.

OtherUnix-like operating systems, in general, have no analogous commands. The similar-sounding commandschatr (fromHP-UX) andlsattr (fromAIX) exist but have unrelated functions.

Among other things, thechattr command is useful to make files immutable so that password files and certain system files cannot be erased during software upgrades.^[3]

In Linux systems (chattr andlsattr)

[edit]

File system support

[edit]

The command line toolschattr (to manipulate attributes) andlsattr (to list attributes) were originally specific to the Second Extended Filesystem family (ext2,ext3,ext4), and are available as part of thee2fsprogs package.

However, the functionality has since been extended, fully or partially, to many other systems, includingXFS,ReiserFS,JFS andOCFS2. The btrfs file system includes the attribute functionality, including theC flag, which turns off the built-in copy-on-write (CoW) feature of btrfs due to slower performance associated with CoW.

chattr description

[edit]

The form of thechattr command is:

chattr[-RVf][-+=AacDdijsTtSu][-vversion]files...

-R recursively changes attributes of directories and their contents
-V is to be verbose and print the program version
-f suppresses most error messages

lsattr description

[edit]

The form of thelsattr command (gnu 1.41.3):

lsattr[-RVadv][files...]

-R recursively lists attributes of directories and their contents
-V displays the program version
-a lists all files in directories, includingdotfiles
-d lists directories like other files, rather than listing their contents

Attributes

[edit]

Some attributes include:

File attributes on a Linux file system according to the`chattr(1)` Linux man page
Attribute	lsattr flag	chattr option	Semantics and rationale
No`atime` updates	`A`	`+A` to set `-A` to clear	When a file with the`A` attribute set is accessed, itsatime record is not modified. This avoids a certain amount of disk I/O operations.
Append only	`a`	`+a` to set `-a` to clear^{[note 1]}	A file with the`a` attribute set can only be open in append mode for writing.
Compressed	`c`	`+c` to set `-c` to clear^{[note 2]}	A file with the`c` attribute set is automatically compressed on the disk by the kernel. A read from this file returns uncompressed data. A write to this file compresses data before storing them on the disk.
No Copy-on-Write (CoW)	`C`	`+C` to set `-C` to clear^{[note 3]}	A file with the`C` attribute will not be subject to Copy-on-Write updates. Updates to these files may not be subject to atomic snapshots, and may lack some reliability information on some filesystems and kernels.
Synchronous directory updates	`D`	`+D` to set `-D` to clear	When a directory with the`D` attribute set is modified, the changes are written synchronously on the disk This is equivalent to the`dirsync`mount option, applied to a subset of the files.
No dump	`d`	`+d` to set `-d` to clear	A file with the`d` attribute set is not candidate for backup when thedump program is run.
Compression error	`E`	(unavailable)	The`E` attribute is used by the experimental compression patches to indicate that a compressed file has a compression error.
Extent format	`e`	(unavailable)	The`e` attribute indicates that the file is usingextents for mapping the blocks on disk.
Huge file	`h`	(unavailable)	The`h` attribute indicates the file is storing its blocks in units of the filesystem blocksize instead of in units of sectors. It means that the file is, or at one time was, larger than 2TB.
Indexed directory	`I`	(unavailable)	The`I` attribute is used by thehtree program code to indicate that a directory is being indexed using hashed trees.
Immutable	`i`	`+i` to set `-i` to clear^{[note 1]}	A file with the`i` attribute cannot be modified. It cannot be deleted or renamed, no link can be created to this file and no data can be written to the file. When set, prevents,even the superuser, from erasing or changing the contents of the file.
Data journaling	`j`	`+j` to set `-j` to clear^{[note 4]}	A file with the`j` attribute has all of its data written to theext3 journal before being written to the file itself, if the filesystem is mounted with the`"data=ordered"` or`"data=writeback"` options. When the filesystem is mounted with the`"data=journal"` option all file data is alreadyjournaled, so this attribute has no effect.
Secure deletion	`s`	`+s` to set `-s` to clear^{[note 2]}^{[note 5]}	When a file with the`s` attribute set is deleted,its blocks are zeroed and written back to the disk.
Synchronous updates	`S`	`+S` to set `-S` to clear	When a file with the`S` attribute set is modified, the changes are written synchronously on the disk; this is equivalent to the 'sync' mount option applied to a subset of the files. This is equivalent to the`sync`mount option, applied to a subset of the files.
Top of directory hierarchy	`T`	`+T` to set `-T` to clear	A directory with the`T` attribute will be deemed to be the top of directory hierarchies for the purposes of theOrlov block allocator. This is a hint to the block allocator used byext3 andext4 that the subdirectories under this directory are not related, and thus should be spread apart for allocation purposes. For example: it is a very good idea to set the`T` attribute on the`/home` directory, so that`/home/john` and`/home/mary` are placed into separate block groups. For directories where this attribute is not set, the Orlov block allocator will try to group subdirectories closer together where possible.
No tail-merging	`t`	`+t` to set `-t` to clear	For those filesystems that supporttail-merging, a file with the`t` attribute will not have a partial block fragment at the end of the file merged with other files. This is necessary for applications such asLILO, which reads the filesystem directly and doesn't understand tail-merged files.
Undeletable	`u`	`+u` to set `-u` to clear^{[note 2]}	When a file with the`u` attribute set is deleted, its contents are saved. This allows the user to ask for itsundeletion.
Compression raw access	`X`	(unavailable)	The`X` attribute is used by the experimental compression patches to indicate that a raw contents of a compressed file can be accessed directly.
Compressed dirty file	`Z`	(unavailable)	The`Z` attribute is used by the experimental compression patches to indicate a compressed file is "dirty".
Version / generation number	`-v`	`-vversion`	File's version/generation number.

Notes

[edit]

^^a ^bOnly the superuser or a process possessing theCAP_LINUX_IMMUTABLE capability can set or clear these attributes.
^^a ^b ^cThese attributes are not honored by theext2 andext3 filesystems as implemented in the current mainline Linux kernels.
^These attributes only make sense for Copy-on-Write file-systems such asbtrfs.
^Only the superuser or a process possessing theCAP_SYS_RESOURCE capability can set or clear this attribute.
^This attribute is not honored by theext4 filesystem as implemented in the current mainline Linux kernelsas reported in Bug #17872.

In BSD-like systems (chflags)

[edit]

File system support

[edit]

Thechflags command is not specific to particular file systems.UFS on BSD systems, andAPFS,HFS+,SMB,AFP, andFAT on macOS support at least some flags.

chflags description

[edit]

The form of thechflags command is:

chflags[-R[-H|-L|-P]]flagsfile...

-H If the -R option is specified, symbolic links on the command line are followed. (Symbolic links encountered in the tree traversal are not followed.)
-L If the -R option is specified, all symbolic links are followed.
-P If the -R option is specified, no symbolic links are followed. This is the default.
-R Change the file flags for the file hierarchies rooted in the files instead of just the files themselves.

Displaying

[edit]

BSD-like systems, in general, have no default user-level command specifically meant to display the flags of a file. Thels command will do with either the-lo, or the-lO, depending on the system, flags passed.

Attributes

[edit]

All traditional attributes can be set or cleared by the super-user; some can also be set or cleared by the owner of the file.Some attributes include:

**File attributes**
Attribute	ls flag	chflags flag	Owner-settable	OS support	Semantics and rationale
Archived	arch	arch,archived	No	All	File is archived
Opaque	opaque	opaque	Yes	All	Directory is opaque when viewed through a union mount
No dump	nodump	nodump	Yes	All	File cannot be dumped
System append-only	sappnd	sappnd,sappend	No	All	Existing data in the file can't be overwritten and the file cannot be truncated
User append-only	uappnd	uappnd,uappend	Yes	All	Existing data in the file can't be overwritten and the file cannot be truncated
System immutable	schg	schg,schange,simmutable	No	All	File cannot be changed, renamed, moved, or removed
User immutable	uchg	uchg,uchange,uimmutable	Yes	All	File cannot be changed, renamed, moved, or removed
System no-unlink	sunlnk	sunlnk, sunlink	No	FreeBSD, DragonFly BSD, macOS	File cannot be removed, renamed or mounted on; on macOS this flag needs to be set or cleared fromsingle user mode
User no-unlink	uunlnk	uunlnk, uunlink	Yes	FreeBSD, DragonFly BSD	File cannot be removed, renamed or mounted on
Hidden	hidden	hidden	Yes	macOS	File is hidden by default in the GUI (but not inls)
Hidden	hidden	hidden, uhidden	Yes	FreeBSD	File might be hidden by default in some GUI desktops (but not inls)
Tracked	tracked	tracked	Yes	macOS	File modifications and deletions are tracked
Restricted	restricted	restricted	No	macOS	File is protected bySystem Integrity Protection; accompanied by theextended attributecom.apple.rootless; flag needs to be set or cleared from Recovery Mode
Compressed	compressed		No	macOS	File isHFS-compressed (read-only flag); not available onAPFS-formatted volumes
Data Vault			No	macOS	Hidden privacy flag sincemacOS Mojave set by the core system to prohibit any access without special entitlements
Offline	offline	offline, uoffline	Yes	FreeBSD	File is offline
Snapshot	snapshot		No	FreeBSD, NetBSD	File is a snapshot file (read-only flag)
Sparse	sparse	sparse, usparse	Yes	FreeBSD	Writes of all zeroes may be written as "holes"
Must be archived	uarch	uarch, uarchive	Yes	FreeBSD	File must be archived

Notes

[edit]

^chmod(1) – illumos andOpenSolaris User Commands ReferenceManual from latest Sun basedOpenSolaris
^ls(1) – illumos andOpenSolaris User Commands ReferenceManual from latest Sun basedOpenSolaris
^chflags(1) – OpenBSD General CommandsManual

References

[edit]

chattr(1) – Linux User CommandsManual
lsattr(1) – Linux User CommandsManual
chflags(1) – OpenBSD General CommandsManual
chflags(1) – FreeBSD General CommandsManual
chflags(1) – NetBSD General CommandsManual
chflags(1) – Darwin andmacOS General CommandsManual (outdated; seenewer version)
stat.h (flags section in the BSD system source code of the macOSXNU kernel)

v t e Unix command-line interface programs andshell builtins
File system	cat chattr chmod chown chgrp cksum cmp cp dd du df file fuser ln ls mkdir mv pax pwd rm rmdir split tee touch type umask
Processes	at bg crontab fg kill nice ps time
User environment	env exit logname mesg talk tput uname who write
Text processing	awk basename comm csplit cut diff dirname ed ex fold head iconv join m4 more nl paste patch printf read sed sort strings tail tr troff uniq vi wc xargs
Shell builtins	alias cd echo test unset wait
Searching	find grep
Documentation	man
Software development	ar ctags lex make nm strip yacc
Miscellaneous	bc cal expr lp od sleep true and false
Categories Standard Unix programs Unix SUS2008 utilities List