Howto - Show File Attributes In Linux

October 28, 2012 | By
| 1 Reply More
file permissions

Linux File Permissions

Linux provides us the access control by file and directory permissions on three levels: user, group and other. These file permissions provide the basic level of security and access control. Linux also has advanced access control features like ACLs (Access Control Lists) and attributes. Attributes define properties of files. This article describes what these attributes are and how we can access them.

Attributes in Linux

The files and directories can have following attributes:

a - append only
c - compressed
d - no dump
e - extent format
i - immutable
j - data journalling
s - secure deletion
t - no tail-merging
u - undeletable
A - no atime updates
D - synchronous directory updates
S - synchronous updates
T - and top of directory hierarchy

The detailed meaning of these attributes according to the manual page is:

a - append only

A file with the `a' attribute set can only be open in append mode for writing. Only the superuser or a process possessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute.

c - compressed

A file with the `c' attribute set is automatically compressed on the disk by the kernel. A read from this file returns uncompressed data. A write to this file compresses data before storing them on the disk. Note: please make sure to read the bugs and limitations section at the end of this document.

d - no dump

A file with the `d' attribute set is not candidate for backup when the dump(8) program is run.

e - extent format

The 'e' attribute indicates that the file is using extents for mapping the blocks on disk. It may not be removed using chattr(1).

i - immutable

A file with the `i' attribute cannot be modified: it cannot be deleted or renamed, no link can be created to this file and no data can be written to the file. Only the superuser or a process possessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute.

j - data journalling

A file with the `j' attribute has all of its data written to the ext3 journal before being written to the file itself, if the filesystem is mounted with the "data=ordered" or "data=writeback" options. When the filesystem is mounted with the "data=journal" option all file data is already journalled and this attribute has no effect. Only the superuser or a process possessing the CAP_SYS_RESOURCE capability can set or clear this attribute.

s - secure deletion

When a file with the `s' attribute set is deleted, its blocks are zeroed and written back to the disk. Note: please make sure to read the bugs and limitations section at the end of this document.

t - no tail-merging

A file with the 't' attribute will not have a partial block fragment at the end of the file merged with other files (for those filesystems which support tail-merging). This is necessary for applications such as LILO which read the filesystem directly, and which don't understand tail-merged files. Note: As of this writing, the ext2 or ext3 filesystems do not (yet, except in very experimental patches) support tail-merging.

u - undeletable

When a file with the `u' attribute set is deleted, its contents are saved. This allows the user to ask for its undeletion. Note: please make sure to read the bugs and limitations section at the end of this document.

A - no atime updates

When a file with the 'A' attribute set is accessed, its atime record is not modified. This avoids a certain amount of disk I/O for laptop systems.

D - synchronous directory updates

When a directory with the `D' attribute set is modified, the changes are written synchronously on the disk; this is equivalent to the `dirsync' mount option applied to a subset of the files.

S - synchronous updates

When a file with the `S' attribute set is modified, the changes are written synchronously on the disk; this is equivalent to the `sync' mount option applied to a subset of the files.

T - and top of directory hierarchy

A directory with the 'T' attribute will be deemed to be the top of directory hierarchies for the purposes of the Orlov block allocator. This is a hint to the block allocator used by ext3 and ext4 that the subdirectories under this directory are not related, and thus should be spread apart for allocation purposes. For example it is a very good idea to set the 'T' attribute on the /home directory, so that /home/john and /home/mary are placed into separate block groups. For directories where this attribute is not set, the Orlov block allocator will try to group subdirectories closer together where possible.

lsattr command

The lsattr command lists the attributes of files and directories.

$ lsattr
-----a-----------e- ./file1
----i------------e- ./hello_dir
-----------------e- ./usrcopy
-----------------e- ./special_characters
-----------------e- ./file3
-----------------e- ./contents
-----------------e- ./hard_link
-----------------e- ./usrlisting

Here we can see that the directory hello_dir is immutable, and the file named 'file1' is ‘append only’ file.

lsattr can be given a file or directory name as the argument.

$ lsattr hello/
-----------------e- hello/HelloClient.java~
-----------------e- hello/HelloServer.class
-----------------e- hello/Hello.idl~
-----------------e- hello/Hello.idl
-----------------e- hello/HelloServer.java
-----------------e- hello/HelloServer.java~
-----------------e- hello/HelloImpl.class
-----------------e- hello/HelloClient.class
-----------------e- hello/HelloApp
-----------------e- hello/HelloClient.java
-----------------e- hello/orb.db

The -d option with lsattr will list the attributes of the directory itself instead of the files in that directory.

$ lsattr -d hello/
-----------------e- hello/

The -R option will list the directory recursively.

$ lsattr -R
-----------------e- ./HelloClient.java~
-----------------e- ./HelloServer.class
-----------------e- ./Hello.idl~
-----------------e- ./Hello.idl
-----------------e- ./HelloServer.java
-----------------e- ./HelloServer.java~
-----------------e- ./HelloImpl.class
-----------------e- ./HelloClient.class
-----------------e- ./HelloApp

./HelloApp:
-----------------e- ./HelloApp/HelloHolder.class
-----------------e- ./HelloApp/HelloPOA.class
-----------------e- ./HelloApp/Hello.class
-----------------e- ./HelloApp/HelloOperations.class
-----------------e- ./HelloApp/_HelloStub.java
-----------------e- ./HelloApp/HelloOperations.java
-----------------e- ./HelloApp/_HelloStub.class
-----------------e- ./HelloApp/HelloHelper.java
-----------------e- ./HelloApp/HelloPOA.java
-----------------e- ./HelloApp/HelloHolder.java
-----------------e- ./HelloApp/Hello.java
-----------------e- ./HelloApp/HelloHelper.class

-----------------e- ./HelloClient.java
-----------------e- ./orb.db

./orb.db:
-----------------e- ./orb.db/counter
-----------------e- ./orb.db/logs

./orb.db/logs:

-----------------e- ./orb.db/servers.db
-----------------e- ./orb.db/NC0

The -V option will dump the version of the program.

$ lsattr -V
lsattr 1.41.14 (22-Dec-2010)
-----------------e- ./HelloClient.java~
-----------------e- ./HelloServer.class
-----------------e- ./Hello.idl~
-----------------e- ./Hello.idl
-----------------e- ./HelloServer.java
-----------------e- ./HelloServer.java~
-----------------e- ./HelloImpl.class
-----------------e- ./HelloClient.class
-----------------e- ./HelloApp
-----------------e- ./HelloClient.java
-----------------e- ./orb.db

Filed Under : HOWTOS, LINUX HOWTO

Free Linux Ebook to Download

Comments (1)

Trackback URL | Comments RSS Feed

  1. thatsit says:

    How to remove the "e" flag ?
    As the manual page says :It may not be removed using chattr(1).

    Merci.

Leave a Reply

Commenting Policy:
Promotion of your products ? Comment gets deleted.
All comments are subject to moderation.