{"id":73799,"date":"2025-04-24T18:00:25","date_gmt":"2025-04-24T10:00:25","guid":{"rendered":"https:\/\/www.hongkiat.com\/blog\/?p=73799"},"modified":"2025-04-17T19:24:23","modified_gmt":"2025-04-17T11:24:23","slug":"linux-chattr-command","status":"publish","type":"post","link":"https:\/\/www.hongkiat.com\/blog\/linux-chattr-command\/","title":{"rendered":"How to Make Files Immutable in Linux Using chattr Command"},"content":{"rendered":"<p>Have you ever accidentally deleted an important configuration file or overwritten changes you needed? Linux offers a powerful but lesser-known feature that can help prevent these situations: file immutability.<\/p>\n<p>Making a file immutable means it cannot be modified, deleted, renamed, or linked to-even by users with root privileges. This provides an extra layer of protection for critical system files or important data.<\/p>\n<p>In this guide, we\u2019ll look at how to use the <code>chattr<\/code> command to make files immutable in Linux, what happens when you try to modify protected files, and how to remove this protection when needed.<\/p>\n<hr>\n<h2 id=\"making-files-immutable\">Making Files Immutable in Linux<\/h2>\n<p>The <code>chattr<\/code> (change attribute) command is what we\u2019ll use to make files immutable. Unlike regular file permissions that only restrict access based on user privileges, file attributes can prevent specific operations regardless of who attempts them.<\/p>\n<h3>The Command Syntax<\/h3>\n<p>To make a file immutable, you use the <code>chattr<\/code> command with the <code>+i<\/code> flag:<\/p>\n<pre>\r\nsudo chattr +i filename.txt\r\n<\/pre>\n<p>You\u2019ll need root privileges (using <code>sudo<\/code>) to change file attributes, especially for system files. If you\u2019re not familiar with <code>sudo<\/code>, check out our guide on <a href=\"https:\/\/www.hongkiat.com\/blog\/linux-command-sudo\/\">how to use the sudo command in Linux<\/a>.<\/p>\n<h3>What Happens When a File is Immutable?<\/h3>\n<p>Once a file is marked as immutable, several operations will fail with an \u201coperation not permitted\u201d error:<\/p>\n<ul>\n<li>You can\u2019t modify the file\u2019s contents<\/li>\n<li>You can\u2019t rename the file<\/li>\n<li>You can\u2019t delete the file<\/li>\n<li>You can\u2019t create a hard link to the file<\/li>\n<li>You can\u2019t change permissions or ownership<\/li>\n<\/ul>\n<p>Let\u2019s look at some examples of what happens when you try to modify an immutable file:<\/p>\n<pre>\r\n$ sudo chattr +i important.conf\r\n$ rm important.conf\r\nrm: cannot remove 'important.conf': Operation not permitted\r\n\r\n$ mv important.conf renamed.conf\r\nmv: cannot move 'important.conf' to 'renamed.conf': Operation not permitted\r\n\r\n$ echo \"new content\" > important.conf\r\nbash: important.conf: Operation not permitted\r\n<\/pre>\n<p>Notice that even with proper file permissions, these operations fail. That\u2019s the power of the immutable attribute \u2013 it overrides normal permission checks.<\/p>\n<p class=\"note\">Remember that while a file is immutable, even root users cannot modify it until the immutable attribute is removed.<\/p>\n<h3>Checking if a File is Immutable<\/h3>\n<p>Before attempting to modify a file, you might want to check if it has the immutable attribute set. You can use the <code>lsattr<\/code> (list attributes) command:<\/p>\n<pre>\r\n$ lsattr filename.txt\r\n----i--------e---- filename.txt\r\n<\/pre>\n<p>The presence of the \u2018i\u2019 flag indicates the file is immutable.<\/p>\n<h3>When to Remove Immutability<\/h3>\n<p>You should remove immutability when:<\/p>\n<ul>\n<li>You need to update configuration files<\/li>\n<li>You\u2019re performing system maintenance<\/li>\n<li>You\u2019re upgrading software that will modify protected files<\/li>\n<li>You no longer need the protection for specific files<\/li>\n<\/ul>\n<p>A good practice is to remove immutability, make your changes, and then set the file as immutable again once you\u2019re done.<\/p>\n<hr>\n<h2 id=\"removing-immutability\">Removing Immutability from Files<\/h2>\n<p>When you need to update or manage an immutable file, you\u2019ll first need to remove the immutable attribute. This is done with the <code>chattr<\/code> command again, but using the <code>-i<\/code> flag:<\/p>\n<pre>\r\nsudo chattr -i filename.txt\r\n<\/pre>\n<p>After removing the immutable attribute, you can perform all normal file operations:<\/p>\n<pre>\r\n$ sudo chattr -i important.conf\r\n$ echo \"Updated content\" > important.conf   # Now works\r\n$ mv important.conf renamed.conf            # Now works\r\n$ rm renamed.conf                          # Now works\r\n<\/pre>\n<hr>\n<h2 id=\"practical-use-cases\">Practical Use Cases for File Immutability<\/h2>\n<p>Making files immutable isn\u2019t just a cool trick-it has several practical applications for system administrators and security-conscious users:<\/p>\n<h3>1. Protecting Critical Configuration Files<\/h3>\n<p>System configuration files like <code>\/etc\/passwd<\/code>, <code>\/etc\/shadow<\/code>, and <code>\/etc\/hosts<\/code> contain essential information. Making them immutable prevents accidental or malicious changes that could compromise your system.<\/p>\n<pre>\r\nsudo chattr +i \/etc\/passwd \/etc\/shadow \/etc\/hosts\r\n<\/pre>\n<p>Remember to temporarily remove immutability when legitimate updates are needed, then re-apply it afterward.<\/p>\n<h3>2. Preventing Accidental File Deletion<\/h3>\n<p>We\u2019ve all had that sinking feeling after accidentally deleting an important file. For files you rarely change but always need, immutability provides peace of mind:<\/p>\n<pre>\r\nsudo chattr +i ~\/Documents\/important_records.pdf\r\n<\/pre>\n<h3>3. Hardening Against Malware<\/h3>\n<p>Some malware attempts to modify system files or configuration files. By making critical system files immutable, you can prevent malware from successfully compromising your system, even if it somehow gains elevated privileges.<\/p>\n<h3>4. Managing Production Environments<\/h3>\n<p>In production environments where stability is crucial, you can make deployment configurations immutable to prevent accidental changes that might cause outages:<\/p>\n<pre>\r\nsudo chattr +i \/etc\/nginx\/nginx.conf\r\nsudo chattr +i \/etc\/apache2\/apache2.conf\r\n<\/pre>\n<h3>5. Securing Boot Files<\/h3>\n<p>Making boot files immutable helps protect against boot-sector malware and ensures your system boots reliably:<\/p>\n<pre>\r\nsudo chattr +i \/boot\/grub\/grub.cfg\r\n<\/pre>\n<h3>6. Creating Write-Once Files<\/h3>\n<p>For logs or records that should never be altered after creation (for compliance or security reasons), you can create the file, add content, and then make it immutable:<\/p>\n<pre>\r\necho \"Initial log entry: $(date)\" > audit_log.txt\r\nsudo chattr +i audit_log.txt\r\n<\/pre>\n<p>Remember that immutability doesn\u2019t replace backups! While it prevents modification or deletion, it won\u2019t protect against hardware failures or other issues that might corrupt your storage.<\/p>\n<hr>\n<h2>Conclusion<\/h2>\n<p>The <code>chattr<\/code> command with its immutable flag provides a simple but powerful way to protect critical files on your Linux system. With just two commands-<code>chattr +i<\/code> to make a file immutable and <code>chattr -i<\/code> to remove immutability-you can add an extra layer of protection to your most important files.<\/p>\n<p>This feature is especially valuable because:<\/p>\n<ul>\n<li>It works regardless of file permissions or user privileges<\/li>\n<li>It provides protection against both accidents and malicious actions<\/li>\n<li>It\u2019s easy to apply and remove as needed<\/li>\n<li>It requires no additional software installation (it\u2019s built into Linux)<\/li>\n<\/ul>\n<p>While not a replacement for good backup practices or proper system administration, file immutability is a valuable tool in your Linux security toolkit. It creates a simple \u201clock\u201d that requires deliberate action to remove, preventing many common file disasters.<\/p>\n<h3>Other Useful File Attributes<\/h3>\n<p>Beyond immutability, the <code>chattr<\/code> command offers several other useful attributes:<\/p>\n<ul>\n<li><code>a<\/code> (append-only): Files can only be opened for appending data, not editing existing content<\/li>\n<li><code>s<\/code> (secure deletion): When a file is deleted, blocks are zeroed and written to disk<\/li>\n<li><code>A<\/code> (no atime updates): The file\u2019s access time record isn\u2019t modified when the file is accessed<\/li>\n<li><code>c<\/code> (compressed): The file is automatically compressed on disk and decompressed when read<\/li>\n<\/ul>\n<p>Next time you have an important configuration file that needs protection, or just want to ensure you don\u2019t accidentally delete your tax records, remember the simple power of <code>chattr +i<\/code>. It might just save your day!<\/p>","protected":false},"excerpt":{"rendered":"<p>Use chattr&#8217;s immutable flag to protect Linux files from deletion or modification-even by root users.<\/p>\n","protected":false},"author":9,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3397],"tags":[3316],"topic":[],"class_list":["entry-content","is-maxi"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.8 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>How to Make Files Immutable in Linux Using chattr Command - Hongkiat<\/title>\n<meta name=\"description\" content=\"Use chattr&#039;s immutable flag to protect Linux files from deletion or modification-even by root users.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.hongkiat.com\/blog\/linux-chattr-command\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Make Files Immutable in Linux Using chattr Command\" \/>\n<meta property=\"og:description\" content=\"Use chattr&#039;s immutable flag to protect Linux files from deletion or modification-even by root users.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.hongkiat.com\/blog\/linux-chattr-command\/\" \/>\n<meta property=\"og:site_name\" content=\"Hongkiat\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/hongkiatcom\" \/>\n<meta property=\"article:published_time\" content=\"2025-04-24T10:00:25+00:00\" \/>\n<meta name=\"author\" content=\"Hongkiat.com\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@hongkiat\" \/>\n<meta name=\"twitter:site\" content=\"@hongkiat\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Hongkiat.com\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/linux-chattr-command\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/linux-chattr-command\\\/\"},\"author\":{\"name\":\"Hongkiat.com\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#\\\/schema\\\/person\\\/7cc686597d92f9086729e4bcc1577ba3\"},\"headline\":\"How to Make Files Immutable in Linux Using chattr Command\",\"datePublished\":\"2025-04-24T10:00:25+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/linux-chattr-command\\\/\"},\"wordCount\":903,\"publisher\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#organization\"},\"keywords\":[\"Linux Commands\"],\"articleSection\":[\"Desktop\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/linux-chattr-command\\\/\",\"url\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/linux-chattr-command\\\/\",\"name\":\"How to Make Files Immutable in Linux Using chattr Command - Hongkiat\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#website\"},\"datePublished\":\"2025-04-24T10:00:25+00:00\",\"description\":\"Use chattr's immutable flag to protect Linux files from deletion or modification-even by root users.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/linux-chattr-command\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/linux-chattr-command\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/linux-chattr-command\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Make Files Immutable in Linux Using chattr Command\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/\",\"name\":\"Hongkiat\",\"description\":\"Tech and Design Tips\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#organization\",\"name\":\"Hongkiat.com\",\"url\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/wp-content\\\/uploads\\\/hkdc-logo-rect-yoast.jpg\",\"contentUrl\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/wp-content\\\/uploads\\\/hkdc-logo-rect-yoast.jpg\",\"width\":1200,\"height\":799,\"caption\":\"Hongkiat.com\"},\"image\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/hongkiatcom\",\"https:\\\/\\\/x.com\\\/hongkiat\",\"https:\\\/\\\/www.pinterest.com\\\/hongkiat\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#\\\/schema\\\/person\\\/7cc686597d92f9086729e4bcc1577ba3\",\"name\":\"Hongkiat.com\",\"description\":\"This post is published by an HKDC (hongkiat.com) staff. (I.e., intern, staff writer, or editor).\",\"sameAs\":[\"https:\\\/\\\/www.hongkiat.com\"],\"url\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/author\\\/com\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to Make Files Immutable in Linux Using chattr Command - Hongkiat","description":"Use chattr's immutable flag to protect Linux files from deletion or modification-even by root users.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.hongkiat.com\/blog\/linux-chattr-command\/","og_locale":"en_US","og_type":"article","og_title":"How to Make Files Immutable in Linux Using chattr Command","og_description":"Use chattr's immutable flag to protect Linux files from deletion or modification-even by root users.","og_url":"https:\/\/www.hongkiat.com\/blog\/linux-chattr-command\/","og_site_name":"Hongkiat","article_publisher":"https:\/\/www.facebook.com\/hongkiatcom","article_published_time":"2025-04-24T10:00:25+00:00","author":"Hongkiat.com","twitter_card":"summary_large_image","twitter_creator":"@hongkiat","twitter_site":"@hongkiat","twitter_misc":{"Written by":"Hongkiat.com","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.hongkiat.com\/blog\/linux-chattr-command\/#article","isPartOf":{"@id":"https:\/\/www.hongkiat.com\/blog\/linux-chattr-command\/"},"author":{"name":"Hongkiat.com","@id":"https:\/\/www.hongkiat.com\/blog\/#\/schema\/person\/7cc686597d92f9086729e4bcc1577ba3"},"headline":"How to Make Files Immutable in Linux Using chattr Command","datePublished":"2025-04-24T10:00:25+00:00","mainEntityOfPage":{"@id":"https:\/\/www.hongkiat.com\/blog\/linux-chattr-command\/"},"wordCount":903,"publisher":{"@id":"https:\/\/www.hongkiat.com\/blog\/#organization"},"keywords":["Linux Commands"],"articleSection":["Desktop"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.hongkiat.com\/blog\/linux-chattr-command\/","url":"https:\/\/www.hongkiat.com\/blog\/linux-chattr-command\/","name":"How to Make Files Immutable in Linux Using chattr Command - Hongkiat","isPartOf":{"@id":"https:\/\/www.hongkiat.com\/blog\/#website"},"datePublished":"2025-04-24T10:00:25+00:00","description":"Use chattr's immutable flag to protect Linux files from deletion or modification-even by root users.","breadcrumb":{"@id":"https:\/\/www.hongkiat.com\/blog\/linux-chattr-command\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.hongkiat.com\/blog\/linux-chattr-command\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.hongkiat.com\/blog\/linux-chattr-command\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.hongkiat.com\/blog\/"},{"@type":"ListItem","position":2,"name":"How to Make Files Immutable in Linux Using chattr Command"}]},{"@type":"WebSite","@id":"https:\/\/www.hongkiat.com\/blog\/#website","url":"https:\/\/www.hongkiat.com\/blog\/","name":"Hongkiat","description":"Tech and Design Tips","publisher":{"@id":"https:\/\/www.hongkiat.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.hongkiat.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.hongkiat.com\/blog\/#organization","name":"Hongkiat.com","url":"https:\/\/www.hongkiat.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.hongkiat.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.hongkiat.com\/blog\/wp-content\/uploads\/hkdc-logo-rect-yoast.jpg","contentUrl":"https:\/\/www.hongkiat.com\/blog\/wp-content\/uploads\/hkdc-logo-rect-yoast.jpg","width":1200,"height":799,"caption":"Hongkiat.com"},"image":{"@id":"https:\/\/www.hongkiat.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/hongkiatcom","https:\/\/x.com\/hongkiat","https:\/\/www.pinterest.com\/hongkiat\/"]},{"@type":"Person","@id":"https:\/\/www.hongkiat.com\/blog\/#\/schema\/person\/7cc686597d92f9086729e4bcc1577ba3","name":"Hongkiat.com","description":"This post is published by an HKDC (hongkiat.com) staff. (I.e., intern, staff writer, or editor).","sameAs":["https:\/\/www.hongkiat.com"],"url":"https:\/\/www.hongkiat.com\/blog\/author\/com\/"}]}},"jetpack_featured_media_url":"https:\/\/","jetpack_shortlink":"https:\/\/wp.me\/p4uxU-jcj","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/posts\/73799","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/comments?post=73799"}],"version-history":[{"count":3,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/posts\/73799\/revisions"}],"predecessor-version":[{"id":73802,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/posts\/73799\/revisions\/73802"}],"wp:attachment":[{"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/media?parent=73799"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/categories?post=73799"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/tags?post=73799"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/topic?post=73799"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}