Wednesday, January 27, 2010

Advanced Filesystem Attributes in Linux

As a Linux administrator, you may be called upon to set up a control system for file access. You probably already know how to set read, write, and execute permissions on files, and you will need to make extensive use of that knowledge. But, sometimes, you'll need more than just these permissions settings to get the job done. That's where filesystem attributes will come in handy. You can set different attributes on files in order to gain more control over how they are accessed.


There are two slight catches, though. You can only set file attributes on machines with hard drives that are formatted with either the ext2 or ext3 filesystems. That's not a problem for machines that are running a Red Hat-type operating system, since ext3 is your only choice with them. But, if you're setting up a machine with, say, Ubuntu Server, you'll have other filesystems to choose from. Just be sure to choose ext3 if you want to set file attributes.


Also, if you're accessing files on another computer via NFS, the attributes will still be in effect, but you won't be able to view or change the attributes.


To view file attributes, you'd use the lsattr command. Entering just the command by itself will show a list of all files in the current directory.



[ian@centos5 ~]$ lsattr
------------- ./mytext.txt
------------- ./Duron_backup
------------- ./iptables-L.txt
------------- ./New_error.txt
------------- ./Desktop
------------- ./moodle-2007-8-25
------------- ./test_dir
------------- ./BOINC
------------- ./ts2_client_rc2_2032.tar.bz2
------------- ./OOo_2.3.0_LinuxIntel_install_wJRE_en-US.tar.gz
------------- ./ifconfig_output.txt
------------- ./dmesg
------------- ./BOINC.tar.bz2
------------- ./ts2_client_rc2_2032
------------- ./tls_handshake_error.txt
[ian@centos5 ~]$ lsattr mytext.txt
------------- mytext.txt
[ian@centos5 ~]$


You can see from the listing that no attributes have been set. Now, let's say that we don't want to allow the "mytext.txt" file to be backed up with the "dump" command. We'll use the chattr command to set the "d" attribute.

[ian@centos5 ~]$ chattr +d mytext.txt
[ian@centos5 ~]$ lsattr mytext.txt
------d------ mytext.txt
[ian@centos5 ~]$


Here, we've used the "+" sign to add the attribute. We'll use the "-" sign to remove it.

[ian@centos5 ~]$ chattr -d mytext.txt
[ian@centos5 ~]$ lsattr mytext.txt
------------- mytext.txt
[ian@centos5 ~]$


Setting the "s" attribute will cause the file to be securely wiped when someone deletes it. This makes it much harder for unauthorized persons to recover and view the file.

[ian@centos5 ~]$ chattr +s mytext.txt
[ian@centos5 ~]$ lsattr mytext.txt
s------------ mytext.txt
[ian@centos5 ~]$


Using an upper-case "S" instead of a lower-case "s" tells the filesystem to immediately write the file to disk, instead of storing it in a buffer. (Note also, that we left the "s" attribute this time, so that we now have two attributes set for this file.)

[ian@centos5 ~]$ chattr +S mytext.txt
[ian@centos5 ~]$ lsattr mytext.txt
s-S---------- mytext.txt
[ian@centos5 ~]$


The upper-case "A" attribute tells the filesystem to not update the file's atime. This can cut down on disk access, which could help extend a laptop's battery life, and can cut down on bandwidth usage if you're accessing files via NFS.

[ian@centos5 ~]$ chattr +A mytext.txt
[ian@centos5 ~]$ lsattr mytext.txt
s-S----A----- mytext.txt
[ian@centos5 ~]$


Of course, you'll seldom want to use the "A" attribute. If you need to turn off atime updates, you're better off mounting the filesystem with the "noatime" parameter, instead.

So far, we've performed all attribute changes with only normal user privileges, and on the user's own files. There are still two other attributes that can only be set with root privileges. Even if the file belongs to you, you'll receive an error if you try to change them with only your normal user privileges.

[ian@centos5 ~]$ chattr +a mytext.txt
chattr: Operation not permitted while setting flags on mytext.txt
[ian@centos5 ~]$


The "a" attribute will allow a file to be opened only in append mode. This will allow you to add more text or data to a file, but will not allow you to overwrite it.

[ian@centos5 ~]$ sudo chattr +a mytext.txt
Password:
[ian@centos5 ~]$ lsattr mytext.txt
s-S--a-A----- mytext.txt
[ian@centos5 ~]$ echo "This is a test of the a attribute." > mytext.txt
bash: mytext.txt: Operation not permitted
[ian@centos5 ~]$ echo "This is a test of the a attribute." >> mytext.txt
[ian@centos5 ~]$


The final attribute we'll cover, which also requires root privileges, is the "i" attribute. This makes a file immutable. In other words, it can't be changed, renamed, or deleted. And, no links can be created to it.

[ian@centos5 ~]$ sudo chattr +i mytext.txt
Password:
[ian@centos5 ~]$ lsattr mytext.txt
s-S-ia-A----- mytext.txt
[ian@centos5 ~]$ rm mytext.txt
rm: remove write-protected regular file `mytext.txt'? y
rm: cannot remove `mytext.txt': Operation not permitted
[ian@centos5 ~]$


Finally, if you need to add or delete more than one attribute, you can combine the operations into one single command.

[ian@centos5 ~]$ sudo chattr -AaisS mytext.txt
[ian@centos5 ~]$ lsattr mytext.txt
------------- mytext.txt
[ian@centos5 ~]$
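A small POSIX shell audit, added here as an example and not part of the original post, that parses lsattr output and reports files whose "a" or "i" attribute is no longer set, so a hardened log file or config backup that has lost its flag shows up in a routine check. The lsattr listing and the policy paths are constructed for the example, not captured from a real system.

```shell
#!/bin/sh
# Hypothetical audit helper (added example): check that files you hardened
# with "chattr +a" or "chattr +i" still carry those flags.
# Both inputs are constructed for this example, not real system output.
SAMPLE_LSATTR='----i-------- /etc/passwd.bak
-----a------- /var/log/auth.log
------------- /var/log/syslog
s-S-ia-A----- /home/ian/mytext.txt'

# Policy: one "path flag" line per file; flag is a single chattr letter.
EXPECTED='/var/log/auth.log a
/etc/passwd.bak i
/home/ian/mytext.txt i'

# has_flag FLAGS LETTER -> succeeds if LETTER appears in the lsattr flag field
has_flag() {
    case "$1" in
        *"$2"*) return 0 ;;
        *)      return 1 ;;
    esac
}

# flags_of LSATTR_OUTPUT PATH -> prints the flag field for PATH (empty if absent)
flags_of() {
    printf '%s\n' "$1" | while read -r flags path; do
        if [ "$path" = "$2" ]; then
            printf '%s\n' "$flags"
            break
        fi
    done
}

# audit LSATTR_OUTPUT EXPECTED -> prints one line per policy violation;
# prints nothing when every expected flag is present
audit() {
    out=$1
    printf '%s\n' "$2" | while read -r path want; do
        [ -n "$path" ] || continue
        f=$(flags_of "$out" "$path")
        if [ -z "$f" ]; then
            printf '%s: not present in lsattr output\n' "$path"
        elif ! has_flag "$f" "$want"; then
            printf '%s: missing %s (has %s)\n' "$path" "$want" "$f"
        fi
    done
}
# Against the constructed data above this prints nothing; on a real host
# replace SAMPLE_LSATTR with the output of: lsattr /var/log/auth.log ...
audit "$SAMPLE_LSATTR" "$EXPECTED"
```

Run it from cron with the real `lsattr` output of the files you care about; any printed line is a flag that was removed since you set it.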


There are a few other attributes that we haven't covered. But they either have operational bugs, or they're attributes that are set by the system, and not by the user.

For more information, enter "man chattr" at the command-line.
