Permissions always pair a user or group object with the rights that object has on a file or directory. An alternative method of securing files on a Linux system is by working with attributes. Attributes do their work regardless of the user who accesses the file. Of course, there is a difference: the owner of a file can set file attributes, whereas other users (except for root) cannot do that.
For file attributes as well, an option must be provided in /etc/fstab before they can be used. This is the user_xattr option you can see in the fstab example in Listing 6-1 earlier in this chapter. The following are the most useful attributes you can apply:
A: This attribute ensures that the file access time of the file is not modified. Normally, every time a file is opened, the file access time must be written to the file's metadata. This affects performance in a negative way; therefore, on files that are accessed on a regular basis, you can use the A attribute to disable this feature.
Tip: What if you don't like the access time being modified at all? In that case, use the noatime option in /etc/fstab to specify this feature must be disabled for all files on a volume. You'll learn more about this in Chapter 8, which is about Linux file system management.
a: This attribute allows a file to be added to but not to be removed.
c: If you are using a file system where volume-level compression is supported, this file attribute makes sure the file is compressed the first time the compression engine gets active.
D: This attribute makes sure changes to files are written to disk immediately and not to cache first. This is a useful attribute on important database files to make sure they don't get lost between the file cache and hard disk.
d: This attribute makes sure the file is not backed up in backups where the dump utility is used.
I: This attribute enables indexing for the directory where it is enabled. This allows for faster file access for primitive file systems such as ext3 that don't use a B-tree database for fast access to files.
j: This attribute ensures that on an ext3 file system the file is first written to the journal and only after that to the data blocks on the hard disk.
s: This overwrites the blocks where the file was stored with zeros after the file has been deleted. This makes sure the recovery of the file is not possible after it has been deleted.
Note: Although you can use quite a few attributes, you should be aware that most attributes are rather experimental and are of use only if an application is used that can work with the given attribute. For example, it doesn't make sense to apply the u attribute as long as no application has been developed that can use this attribute to recover deleted files.
If you want to apply attributes, you can use the chattr command. For example, use chattr +s somefile to apply the attribute s to somefile. Need to remove the attribute again? Then use chattr -s somefile, and it will be removed. To get an overview of all attributes that are currently applied, use the lsattr command.
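The lsattr overview can also be checked mechanically. The following is an added example, not part of the original text: a shell function that reads lsattr output and lists the files that lack a given attribute, used here to confirm that log files carry the a attribute. The sample listing and its paths are constructed, and sample_lsattr and missing_attr are hypothetical helper names.

```shell
#!/bin/sh
# Constructed sample of lsattr output: a flags field, one space, then the path.
sample_lsattr() {
cat <<'EOF'
-----a--------e------- /var/log/app/audit.log
--------------e------- /var/log/app/access.log
s------A------e------- /srv/data/secret report.txt
-----a--------e------- /var/log/app/error.log
EOF
}

# missing_attr LETTER
# Reads lsattr output on stdin and prints every path whose flags field
# does not contain LETTER. The match is case-sensitive, so a and A differ.
missing_attr() {
    want=$1
    while IFS= read -r line; do
        flags=${line%% *}    # text before the first space
        path=${line#* }      # text after the first space (may contain spaces)
        # Skip blank lines and lines that are not a flags/path pair,
        # such as the "directory:" headers printed by lsattr -R.
        case $flags in
            ''|*[!A-Za-z-]*) continue ;;
        esac
        [ "$flags" = "$line" ] && continue    # no space, so no path
        case $flags in
            *"$want"*) ;;                     # attribute is set
            *) printf '%s\n' "$path" ;;       # attribute is missing
        esac
    done
}

# On a live system (paths are assumptions):
#   lsattr /var/log/app/*.log | missing_attr a
# A reported file can then be fixed with: chattr +a <file>
sample_lsattr | missing_attr a
```

Run against the constructed listing, it reports access.log and the file that has A but not a.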