Welcome to the Linux Foundation Forum!

Bootcamp Mentor's Corner-Filesystem Extended Attributes

fcioanca
fcioanca Posts: 1,344
edited January 31 in Cloud Engineer Boot Camp

Linux has several powerful features that many users don't know about. Let’s take a look at a couple, extended attributes (extattr) and access control lists (ACLs).

In this email, we'll cover extended attributes. Extended attributes are usually available on the most common filesystems available on Linux, but in some cases, you may need to enable them during creation or mounting. As always, you are expected to research topics of interest; start by looking at the chattr (change attributes) manual page. You will find a good summary of file attributes in the fourth paragraph of the man page:

The letters 'aAcCdDeFijmPsStTux' select the new attributes for the files: append only (a), no atime updates (A), compressed (c), no copy on write (C), no dump (d), synchronous directory updates (D), extent format (e), case-insensitive directory lookups (F), immutable (i), data journaling (j), don't compress (m), project hierarchy (P), secure deletion (s), synchronous updates (S), no tail-merging (t), top of directory hierarchy (T), undeletable (u), and direct access for files (x).

You will find more details about the meaning of these attributes later on the man page.

The chattr command is used by root to change extended attributes on individual files or directories, and the lsattr command is used to list the extended attributes.

  • For example, extended attributes allow you to make a file append-only (a) so that information cannot be removed, only added to a file.
  • A file can be made immutable (i) so that it cannot be changed in any way--even by root.
  • Typically, when files are deleted, data blocks of the file are appended to the free block list with the previous data intact. The secure deletion (s) attribute causes the data in the deleted file to be overwritten before being deleted. This is good for files with sensitive data such as customer lists or credit card files.

Other options are covered on the man page. Utilizing some of these lesser-known features will help you make your environment more productive. In my next message, I will discuss access control lists and how to collaborate using a Linux filesystem more easily.

Categories

Upcoming Training