Charlie Harvey

Quick tip: Making files immutable on GNU/Linux

Written by Charlie on

The other day, I was having some problems with Network Manager (I only ever have problems with it to be honest). It kept overwriting my /etc/resolv.conf — the file where you configure what nameservers your system will use. gnu/linux image

Even after I uninstalled Network Manger, on rebooot I would find my resolv.conf saying it had been generated by Network Manager.

I turned to a trick that I very rarely use, but which is useful from time to time. I set the immutable attribute on the file. The immutable attribute means that no user, not even root, can modify the file without also unsetting the attribute.

You can view the current attributes of a file any time using lsattr lsattr resolv.conf -------------e-- /etc/resolv.conf

You use the chattr command to set the attribute. You might need root, deending on the file. chattr +i resolv.conf

So that now lsattr shows $ lsattr /etc/resolv.conf ----i--------e-- /etc/resolv.conf

Now you cannot change the file at all! $ sudo rm /etc/resolv.conf rm: cannot remove ‘/etc/resolv.conf’: Operation not permitted

You can unset the immutable attribute using -i chattr -i resolv.conf

There are a bunch more attributes listed in the chattr man page though this is the only one I ever seem to find myself using.

GNU/Linux image from soft-ulibre.gaeon.com


Comments

  • Be respectful. You may want to read the comment guidelines before posting.
  • You can use Markdown syntax to format your comments. You can only use level 5 and 6 headings.
  • You can add class="your language" to code blocks to help highlight.js highlight them correctly.

Privacy note: This form will forward your IP address, user agent and referrer to the Akismet, StopForumSpam and Botscout spam filtering services. I don’t log these details. Those services will. I do log everything you type into the form. Full privacy statement.