document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-03-09 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8295 from yizhuoyan/master

Browse Source 
翻译完毕20170201 Prevent Files And Folders From Accidental Deletion Or Modification In Linux.md
This commit is contained in:
Xingyu.Wang 2018-03-28 18:29:03 +08:00 committed by GitHub
commit 7fbebde923
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 300 additions and 297 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

297
sources/tech/20170201 Prevent Files And Folders From Accidental Deletion Or Modification In Linux.md
View File

@ -1,297 +0,0 @@
translating by yizhuoyan
Prevent Files And Folders From Accidental Deletion Or Modification In Linux
======
![](https://www.ostechnix.com/wp-content/uploads/2017/02/Prevent-Files-And-Folders-From-Accidental-Deletion-Or-Modification-In-Linux-720x340.jpg)
Some times, I accidentally “SHIFT+DELETE” my data. Yes, I am an idiot who dont double check what I am exactly going to delete. And, I am too dumb or lazy to backup the data. Result? Data loss! They are gone in a fraction of second. I do it every now and then. If youre anything like me, Ive got a good news. There is a simple, yet useful commandline utility called **“chattr”** (abbreviation of **Ch** ange **Attr** ibute) which can be used to prevent files and folders from accidental deletion or modification in Unix-like distributions. It applies/removes certain attributes to a file or folder in your Linux system. So the users cant delete or modify the files and folders either accidentally or intentionally, even as root user. Sounds useful, isnt it?
In this brief tutorial, we are going to see how to use chattr in real time in-order to prevent files and folders from accidental deletion in Linux.
### Prevent Files And Folders From Accidental Deletion Or Modification In Linux
By default, Chattr is available in most modern Linux operating systems. Let us see some examples.
The default syntax of chattr command is:
```
chattr [operator] [switch] [filename]
```
chattr has the following operators.
* The operator **+** causes the selected attributes to be added to the existing attributes of the files;
* The operator **-** causes them to be removed;
* The operator **=** causes them to be the only attributes that the files have.
Chattr has different attributes namely **aAcCdDeijsStTu**. Each letter applies a particular attributes to a file.
* **a** append only,
* **A** no atime updates,
* **c** compressed,
* **C** no copy on write,
* **d** no dump,
* **D** synchronous directory updates,
* **e** extent format,
* **i** immutable,
* **j** data journalling,
* **P** project hierarchy,
* **s** secure deletion,
* **S** synchronous updates,
* **t** no tail-merging,
* **T** top of directory hierarchy,
* **u** undeletable.
In this tutorial, we are going to discuss the usage of two attributes, namely **a** , **i** which are used to prevent the deletion of files and folders. Thats what our topic today, isnt? Indeed!
### Prevent files from accidental deletion
Let me create a file called **file.txt** in my current directory.
```
$ touch file.txt
```
Now, I am going to apply **“i”** attribute which makes the file immutable. It means you cant delete, modify the file, even if youre the file owner and the root user.
```
$ sudo chattr +i file.txt
```
You can check the file attributes using command:
```
$ lsattr file.txt
```
**Sample output:**
```
----i---------e---- file.txt
```
Now, try to remove the file either as a normal user or with sudo privileges.
```
$ rm file.txt
```
**Sample output:**
```
rm: cannot remove 'file.txt': Operation not permitted
```
Let me try with sudo command:
```
$ sudo rm file.txt
```
**Sample output:**
```
rm: cannot remove 'file.txt': Operation not permitted
```
Let us try to append some contents in the text file.
```
$ echo 'Hello World!' >> file.txt
```
**Sample output:**
```
bash: file.txt: Operation not permitted
```
Try with **sudo** privilege:
```
$ sudo echo 'Hello World!' >> file.txt
```
**Sample output:**
```
bash: file.txt: Operation not permitted
```
As you noticed in the above outputs, We cant delete or modify the file even as root user or the file owner.
To revoke attributes, just use **“-i”** switch as shown below.
```
$ sudo chattr -i file.txt
```
Now, the immutable attribute has been removed. You can now delete or modify the file.
```
$ rm file.txt
```
Similarly, you can restrict the directories from accidental deletion or modification as described in the next section.
### Prevent folders from accidental deletion and modification
Create a directory called dir1 and a file called file.txt inside this directory.
```
$ mkdir dir1 && touch dir1/file.txt
```
Now, make this directory and its contents (file.txt) immutable using command:
```
$ sudo chattr -R +i dir1
```
Where,
* **-R** will make the dir1 and its contents immutable recursively.
* **+i** makes the directory immutable.
Now, try to delete the directory either as normal user or using sudo user.
```
$ rm -fr dir1
$ sudo rm -fr dir1
```
You will get the following output:
```
rm: cannot remove 'dir1/file.txt': Operation not permitted
```
Try to append some contents in the file using “echo” command. Did you make it? Of course, you couldnt!
To revoke the attributes back, run:
```
$ sudo chattr -R -i dir1
```
Now, you can delete or modify the contents of this directory as usual.
### Prevent files and folders from accidental deletion, but allow append operation
We know now how to prevent files and folders from accidental deletion and modification. Next, we are going to prevent files and folders from deletion, but allow the file for writing in append mode only. That means you cant edit, modify the existing data in the file, rename the file, and delete the file. You can only open the file for writing in append mode.
To set append mode attribution to a file/directory, we do the following.
**For files:**
```
$ sudo chattr +a file.txt
```
**For directories: **
```
$ sudo chattr -R +a dir1
```
A file/folder with the a attribute set can only be open in append mode for writing.
Add some contents to the file(s) to check whether it works or not.
```
$ echo 'Hello World!' >> file.txt
$ echo 'Hello World!' >> dir1/file.txt
```
Check the file contents using cat command:
```
$ cat file.txt
$ cat dir1/file.txt
```
**Sample output:**
```
Hello World!
```
You will see that you can now be able to append the contents. It means we can modify the files and folders.
Let us try to delete the file or folder now.
```
$ rm file.txt
```
**Output:**
```
rm: cannot remove 'file.txt': Operation not permitted
```
Let us try to delete the folder:
```
$ rm -fr dir1/
```
**Sample output:**
```
rm: cannot remove 'dir1/file.txt': Operation not permitted
```
To remove the attributes, run the following commands:
**For files:**
```
$ sudo chattr -R -a file.txt
```
**For directories: **
```
$ sudo chattr -R -a dir1/
```
Now, you can delete or modify the files and folders as usual.
For more details, refer the man pages.
```
man chattr
```
### Wrapping up
Data protection is one of the main job of a System administrator. There are numerous free and commercial data protection software are available on the market. Luckily, weve got this built-in tool that helps us to protect the data from accidental deletion or modification. Chattr can be used as additional tool to protect the important system files and data in your Linux system.
And, thats all for today. Hope this helps. I will be soon here with another useful article. Until then, stay tuned with OSTechNix!
Cheers!
--------------------------------------------------------------------------------
via: https://www.ostechnix.com/prevent-files-folders-accidental-deletion-modification-linux/
作者:[SK][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.ostechnix.com/author/sk/

300
translated/tech/20170201 Prevent Files And Folders From Accidental Deletion Or Modification In Linux.md Normal file
View File

@ -0,0 +1,300 @@
Linux系统中防止文件和目录被意外的删除或修改
======
![](https://www.ostechnix.com/wp-content/uploads/2017/02/Prevent-Files-And-Folders-From-Accidental-Deletion-Or-Modification-In-Linux-720x340.jpg)
有时,我会不小心的按下`SHIFT+DELETE`来删除我的文件数据。是的,我是个笨蛋,不会再次确认下我实际准备要删除的东西。而且我太笨或者说太懒,没有备份我的文件数据。结果呢?数据丢失了!在一瞬间就丢失了。
这种事时不时就会发生在我身上。如果你和我一样,有个好消息告诉你。有个简单又有用的命令行工具叫**“chattr”****Ch** ange **Attr** ibute的缩写 在类Unix等发行版中能够用来防止文件和目录被意外的删除或修改。
通过给文件或目录添加或删除某些属性来保证用户不能删除或修改这些文件和目录不管是有意的还是无意的甚至root用户也不行。听起来很有用是不是
在这篇简短的教程中我们一起来看看怎么在实际应用中使用chattr命令来防止文件和目录被意外删除。
### Linux中防止文件和目录被意外删除和修改
默认Chattr命令在大多数现代Linux操作系统中是可用的。
默认语法是:
```
chattr [operator] [switch] [file]
```
chattr 具有如下操作符:
* 操作符**+**追加指定属性到文件已存在属性中
* 操作符**-**删除指定属性
* 操作符**=**直接设置文件属性为指定属性
Chattr 提供不同的属性,也就是-**aAcCdDeijsStTu**。每个字符代表一个特定文件属性。
* **a** 只能向文件中添加数据而不能删除appened only,
* **A** 不更新文件或目录的最后存取时间no atime updates,
* **c** 将文件或目录压缩后存放compressed,
* **C** 不适用写入时复制机制no copy on write,
* **d** 设定文件不能成为dump程序的备份目标no dump,
* **D** 同步目录更新(synchronous directory updates),
* **e** extend格式存储(extent format),
* **i** 文件或目录不可改变immutable,
* **j** 设定此参数使得当通过mount参数data=ordered 或者 data=writeback挂载的文件系统,文件在写入时会先被记录在journal中。(data journalling),
* **P** project层次结构(project hierarchy),
* **s** 保密性删除文件或目录secure deletion,
* **S** 即时更新文件或目录synchronous updates,
* **t** 不进行尾部合并(no tail-merging),
* **T** 顶层目录层次结构(top of directory hierarchy,
* **u** 不可删除undeletable.
在本教程中,我们将讨论两个属性的使用,即**a** , **i** ,这个两个属性可以用于防止文件和目录的被删除。这是我们今天的主题,对吧?来开始吧!
### 防止文件被意外删除和修改
我先在我的当前目录创建一个**file.txt**文件。
```
$ touch file.txt
```
现在,我将给文件应用**“i”**属性让文件不可改变。就是说你不能删除或修改这个文件就算你是文件的拥有者和root用户也不行。
```
$ sudo chattr +i file.txt
```
使用`lsattr`命令检查文件已有属性
```
$ lsattr file.txt
```
**输出:**
```
----i---------e---- file.txt
```
现在,试着用普通用户去删除文件
```
$ rm file.txt
```
**输出:**
```
#不能删除文件,非法操作
rm: cannot remove 'file.txt': Operation not permitted
```
我来试试sudo特权
```
$ sudo rm file.txt
```
**输出:**
```
#不能删除文件,非法操作
rm: cannot remove 'file.txt': Operation not permitted
```
我们试试追加写内容到这个文本文件
```
$ echo 'Hello World!' >> file.txt
```
**输出:**
```
#非法操作
bash: file.txt: Operation not permitted
```
试试 **sudo** 特权:
```
$ sudo echo 'Hello World!' >> file.txt
```
**输出:**
```
#非法操作
bash: file.txt: Operation not permitted
```
你应该注意到了我们不能删除或修改这个文件甚至root用户或者文件所有者也不行。
要撤销属性,使用**“-i”**即可。
```
$ sudo chattr -i file.txt
```
现在,这不可改变属性已经被删除掉了。你现在可以删除或修改这个文件了。
```
$ rm file.txt
```
类似的,你能够限制目录被意外删除或修改,如下一节所述。
### 防止目录被意外删除和修改
创建一个dir1目录放入文件file.txt。
```
$ mkdir dir1 && touch dir1/file.txt
```
现在让目录及其内容file.txt文件不可改变
```
$ sudo chattr -R +i dir1
```
命令中,
* **-R** 递归使dir目录及其内容不可修改
* **+i** 使目录不可修改
现在来试试删除这个目录要么用普通用户要么用sudo特权。
```
$ rm -fr dir1
$ sudo rm -fr dir1
```
你会看到如下输出:
```
#不可删除'dir1/file.txt':非法操作
rm: cannot remove 'dir1/file.txt': Operation not permitted
```
尝试用“echo”命令追加内容到文件你成功了吗当然你做不到。
撤销此属性,输入:
```
$ sudo chattr -R -i dir1
```
现在你就能想平常一样删除或修改这个目录内容了。
### 防止文件和目录被意外删除,但允许追加操作
我们现已知道如何防止文件和目录被意外删除和修改了。接下来,我们将防止文件被删除但仅仅允许文件被追加内容。意思是你不可以编辑修改文件已存在的数据,或者重命名这个文件或者删除这个文件,你仅可以使用追加模式打开这个文件。
为了设置追加属性到文件或目录,我们像下面这么操作:
**针对文件:**
```
$ sudo chattr +a file.txt
```
**针对目录: **
```
$ sudo chattr -R +a dir1
```
一个文件或目录被设置了a这个属性就仅仅能够被追加模式打开进行写入。
添加些内容到这个文件以测试是否有效果。
```
$ echo 'Hello World!' >> file.txt
$ echo 'Hello World!' >> dir1/file.txt
```
查看文件内容使用cat命令
```
$ cat file.txt
$ cat dir1/file.txt
```
**输出:**
```
Hello World!
```
你将看到你现在可以追加内容。就表示我们可以修改这个文件或目录。
现在让我们试试删除这个文件或目录。
```
$ rm file.txt
```
**输出:**
```
#不能删除文件'file.txt':非法操作
rm: cannot remove 'file.txt': Operation not permitted
```
让我们试试删除这个目录:
```
$ rm -fr dir1/
```
**输出:**
```
#不能删除文件'dir1/file.txt':非法操作
rm: cannot remove 'dir1/file.txt': Operation not permitted
```
删除这个属性,执行下面这个命令:
**针对文件:**
```
$ sudo chattr -R -a file.txt
```
**针对目录:**
```
$ sudo chattr -R -a dir1/
```
现在,你可以想平常一样删除或修改这个文件和目录了。
更多详情查看man页面。
```
man chattr
```
### 总结
保护数据是系统管理人员的主要工作之一。市场上有众多可用的免费和收费的数据保护软件。幸好我们已经拥有这个内置命令可以帮助我们去保护数据被意外的删除和修改。在你的Linux系统中Chattr可作为保护重要系统文件和数据的附加工具。
然后这就是今天所有内容了。希望对大家有所帮助。接下来我将会在这提供其他有用的文章。在那之前敬请期待OSTechNix。
再见!
--------------------------------------------------------------------------------
来源: https://www.ostechnix.com/prevent-files-folders-accidental-deletion-modification-linux/
作者:[SK][a]
译者:[yizhuoyan](https://github.com/yizhuoyan)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.ostechnix.com/author/sk/