1. Home
  2. Linux
  3. General
  4. How to Prevent File Modification, Deletion and Renaming in Linux

How to Prevent File Modification, Deletion and Renaming in Linux

prevent file deletion in linux-dreamvps
Prevent File/Directory Modification, Deletion and Renaming in Linux

How to prevent file deletion in Linux? If you want to stop a file or directory from being accidentally or intentionally modified or deleted in Linux, we may set the immutable flag. And this will disable this functionality.
Check out Our Best VPS Hosting and WordPress hosting for scaling your cloud-based applications and processes.

Prevent file deletion in Linux

The immutable flag is an extended file system attribute, and you can set it on both files and directories.
With this flag in place, the file or directory won’t be modified, renamed, or deleted without first deleting the immutable flag.
Setting this flag doesn’t require root privileges.
In the example below, we will be creating a new empty file called ‘no-edit.txt’.

touch no-edit.txt

We may use the lsattr command on this file to see its extended attributes; in this case, only ‘e’ is there by default.

lsattr no-edit.txt
--------------e---- no-edit.txt

Now, we will write a bit of data to the file, which will work as expected.

echo test >> no-edit.txt
cat no-edit.txt

Chattr Command 

We will now use the chattr command to set the ‘I’ flag, which we use to represent immutable.

chattr +i no-edit.txt

We can now run the lsattr command once again to confirm that the ‘I’ flag is listed on the file.

lsattr no-edit.txt
----i---------e---- no-edit.txt

The no-edit.txt file is now immutable, so let’s attempt to write more data to it and see if we can delete or rename it.

echo more-test >> no-edit.txt
zsh: operation not permitted: no-edit.txt
rm -f no-edit.txt
rm: cannot remove 'no-edit.txt': Operation not permitted
mv no-edit.txt no-edit2.txt
zsh: operation not permitted: no-edit.txt
rm: cannot remove 'no-edit.txt': Operation not permitted
mv: cannot move 'no-edit.txt' to 'no-edit2.txt': Operation not permitted

As you can see in this example, we will not be able to modify, delete, or rename our test file, since it has been set to immutable.

  • This works exactly the same way when applying the ‘I’ flag to a folder.
  • However, if you do make a folder immutable, this will apply to all the files inside, meaning that any subdirectories or files within the immutable directory won’t be able to be modified.
  • If you would like to change, remove, or rename an immutable file or directory, you need to first remove the ‘I’ flag.
  • This can be done again using the change attribute (chattr) command, as shown below:
chattr -i no-edit.txt
lsattr no-edit.txt
--------------e---- no-edit.txt

At this point, we should be able to edit, remove, or rename the no-edit.txt file, since it is no longer immutable.

Final Thoughts

In Linux, we should be able to set the immutable flag on a file or directory with the ‘chattr’ command. After it has been made immutable, it will not be possible to remove, modify, or rename the file or directory that the flag has been applied to.

  1. We can use the ‘lsattr’ command to list attributes on a specific file or directory to see if the ‘I’ flag is in place.
  2. A superuser should be able to remove the immutable flag, allowing the file or directory to once again be removed, edited, or renamed.

Also, here we have a few hand-picked guides that you  must read next:


Updated on December 23, 2018

Was this article helpful?

Related Articles

Leave a Comment

[apsl-login-lite login_text='Please login with a social account']