chattr lsattr linux file system attributes - linux 檔案系統檔案屬性-有解無憂

我們使用 linux 檔案系統定義的檔案屬性，能夠對linux檔案系統進行進一步保護；從而給檔案賦予一些額外的限制；在有些情況下，能夠對我們的系統提供保護；

該命令特定用于 linux extended filesystem (ext2, ext3, ext4)，是e2fsprogs 工具的一部分；而e2fsprogs 工具包，包含了創建，檢查和維護ext2/3/4-based 檔案系統的工具，其也包含badblocks等用于檢查檔案系統壞塊的工具，

chattr命令用來改變檔案屬性，這項指令可改變存放在ext2檔案系統上的檔案或目錄屬性，這些屬性共有以下8種模式：詳細作用，可以查看man手冊；注意該屬性不是linux檔案系統擴展屬性，

a：讓檔案或目錄僅供附加用途；
b：不更新檔案或目錄的最后存取時間；
c：將檔案或目錄壓縮后存放；
d：將檔案或目錄排除在傾倒操作之外；
i：不得任意更動檔案或目錄；
s：保密性洗掉檔案或目錄；
S：即時更新檔案或目錄；
u：預防意外洗掉，

 lsattr - list file attributes on a Linux second extended file system

比如你可以給 /etc/passwd 檔案進行修改，這樣就是連root用戶都不能更改它的代碼；

File attributes on a Linux file system according to the `chattr(1)` Linux man page （該表格轉載自維基百科）
Attribute	lsattr flag	chattr option	Semantics and rationale
Compressed dirty file	`Z`	(unavailable)	The `Z` attribute is used by the experimental compression patches to indicate a compressed file is "dirty".
Compression raw access	`X`	(unavailable)	The `X` attribute is used by the experimental compression patches to indicate that a raw contents of a compressed file can be accessed directly.
Undeletable	`u`	`+u` to set `-u` to clear^{[note 2]}	When a file with the `u` attribute set is deleted, its contents are saved. This allows the user to ask for its undeletion.
Top of directory hierarchy	`T`	`+T` to set `-T` to clear	A directory with the `T` attribute will be deemed to be the top of directory hierarchies for the purposes of the Orlov block allocator. This is a hint to the block allocator used by ext3 and ext4 that the subdirectories under this directory are not related, and thus should be spread apart for allocation purposes. For example: it is a very good idea to set the `T` attribute on the `/home` directory, so that `/home/john` and `/home/mary` are placed into separate block groups. For directories where this attribute is not set, the Orlov block allocator will try to group subdirectories closer together where possible.
No tail-merging	`t`	`+t` to set `-t` to clear	For those filesystems that support tail-merging, a file with the `t` attribute will not have a partial block fragment at the end of the file merged with other files. This is necessary for applications such as LILO, which reads the filesystem directly and doesn't understand tail-merged files.
Synchronous updates	`S`	`+S` to set `-S` to clear	When a file with the `S` attribute set is modified, the changes are written synchronously on the disk; this is equivalent to the 'sync' mount option applied to a subset of the files. This is equivalent to the `sync` mount option, applied to a subset of the files.
Secure deletion	`s`	`+s` to set `-s` to clear^{[note 2]}^{[note 5]}	When a file with the `s` attribute set is deleted, its blocks are zeroed and written back to the disk.
Data journaling	`j`	`+j` to set `-j` to clear^{[note 4]}	A file with the `j` attribute has all of its data written to the ext3 journal before being written to the file itself, if the filesystem is mounted with the `"data=https://www.cnblogs.com/xuyaowen/p/ordered"` or `"data=https://www.cnblogs.com/xuyaowen/p/writeback"` options. When the filesystem is mounted with the `"data=https://www.cnblogs.com/xuyaowen/p/journal"` option all file data is already journaled, so this attribute has no effect.
Indexed directory	`I`	(unavailable)	The `I` attribute is used by the htree program code to indicate that a directory is being indexed using hashed trees.
Immutable	`i`	`+i` to set `-i` to clear^{[note 1]}	A file with the `i` attribute cannot be modified. It cannot be deleted or renamed, no link can be created to this file and no data can be written to the file. When set, prevents, even the superuser, from erasing or changing the contents of the file.
Huge file	`h`	(unavailable)	The `h` attribute indicates the file is storing its blocks in units of the filesystem blocksize instead of in units of sectors. It means that the file is, or at one time was, larger than 2TB.
Compression error	`E`	(unavailable)	The `E` attribute is used by the experimental compression patches to indicate that a compressed file has a compression error.
Extent format	`e`	(unavailable)	The `e` attribute indicates that the file is using extents for mapping the blocks on disk.
Synchronous directory updates	`D`	`+D` to set `-D` to clear	When a directory with the `D` attribute set is modified, the changes are written synchronously on the disk This is equivalent to the `dirsync` mount option, applied to a subset of the files.
No dump	`d`	`+d` to set `-d` to clear	A file with the `d` attribute set is not candidate for backup when the dump program is run.
No Copy-on-Write (CoW)	`C`	`+C` to set `-C` to clear^{[note 3]}	A file with the `C` attribute will not be subject to Copy-on-Write updates. Updates to these files may not be subject to atomic snapshots, and may lack some reliability information on some filesystems and kernels.
Compressed	`c`	`+c` to set `-c` to clear^{[note 2]}	A file with the `c` attribute set is automatically compressed on the disk by the kernel. A read from this file returns uncompressed data. A write to this file compresses data before storing them on the disk.
No `atime` updates	`A`	`+A` to set `-A` to clear	When a file with the `A` attribute set is accessed, its atime record is not modified. This avoids a certain amount of disk I/O operations.
Append only	`a`	`+a` to set `-a` to clear^{[note 1]}	A file with the `a` attribute set can only be open in append mode for writing.
Version / generation number	`-v`	`-v version`	File's version/generation number.

參考鏈接：

https://en.wikipedia.org/wiki/Chattr （上述表格來自于此）

http://c.biancheng.net/view/874.html

https://www.runoob.com/linux/linux-comm-chattr.html

https://www.runoob.com/linux/linux-comm-lsattr.html

https://www.cnblogs.com/ftl1012/p/chattr.html

保持更新，更多內容請關注 cnblogs.com/xuyaowen; 獲取更多內容；

關于檔案系統擴展屬性內容，請參考：Linux 檔案系統擴展屬性

轉載請註明出處，本文鏈接：https://www.uj5u.com/caozuo/161982.html

標籤：Linux

上一篇：基于mosquitto的MQTT客戶端實作C語言

下一篇：Composer安裝laravel框架