1. Overview

The lsattr command in Linux displays the attributes set on files or directories. Further, attributes are special flags that control how the file system treats the files and directories, i.e., file system objects. For example, attributes can mark files as immutable or append-only.

Because of this, understanding the output of lsattr is important for Linux system administrators. We may need to check or modify file attributes for security, compliance, or other reasons. So, knowing how to interpret lsattr enables us to quickly inspect attributes and determine whether we need to make any changes.

In this tutorial, we’ll discuss the lsattr command and its output. Also, we’ll see how we can modify file attributes using the chattr command.

2. lsattr Command

We use the lsattr command to list the attributes of files or directories on Linux file systems that support extended attributes:

In general, lsattr has a basic syntax:

$ lsattr [options] [files]

In practice, the lsattr command takes the names of files and directories to inspect as arguments. If we specify no file, it checks the attributes of the current working directory.

As a result, the lsattr command displays one character per attribute to indicate whether that attribute is on or off:

$ lsattr test.txt
----i--------e-- test.txt

This output shows we set the immutable and extent format attributes on test.txt.

However, lsattr doesn’t show the names of attributes. Thus, we might have to know the meaning of each letter code to interpret the output.

3. lsattr Options

Also, the lsattr command has several options that we can use to modify its behavior and output. For example, we can use the -R option to recursively list the attributes of all files in a directory, or the -a option to list only the files with attributes set.

3.1. -R Option

The -R option tells lsattr to recursively list all files and directories. It also lists the contents of subdirectories:

$ lsattr -R /home/abdulhameed
--------------e------- /home/abdulhameed/export-set_5.sh
--------------e------- /home/abdulhameed/export-set_4.sh
--------------e------- /home/abdulhameed/Music
...

As we can see, this is a list of all files and directories in /home/abdulhameed and its subdirectories.

3.2. -a Option

By default, lsattr won’t list any hidden files. However, the -a option displays attributes for all files in the specified directory, including hidden files that start with a dot:

$ lsattr -a /home/abdulhameed
--------------e------- /home/abdulhameed/export-set_5.sh
--------------e------- /home/abdulhameed/export-set_4.sh
--------------e------- /home/abdulhameed/Music
--------------e------- /home/abdulhameed/export-set_2.sh
--------------e------- /home/abdulhameed/.cache
--------------e------- /home/abdulhameed/.themes
...
--------------e------- /home/abdulhameed/.bash_logout
--------------e------- /home/abdulhameed/.config
--------------e------- /home/abdulhameed/.vscode

As a result, this command lists all files in /home/abdulhameed, including hidden ones like .cache or .bash_logout.

3.3. -d Option

By default, if we provide a directory name as an argument, lsattr lists its content. However, the -d option tells the lsattr command to list only directories and not their contents:

$ lsattr -d /home/abdulhameed
--------------e------- /home/abdulhameed

The output is of the directory object itself and not of any of its content.

3.4. -v Option

The -v option prints the file’s version or generation number:

$ lsattr -v /home/abdulhameed
707470822  --------------e------- /home/abdulhameed/export-set_5.sh
1241820598 --------------e------- /home/abdulhameed/export-set_4.sh
741945726  --------------e------- /home/abdulhameed/Music
264954810  --------------e------- /home/abdulhameed/export-set_2.sh
4092474338 --------------e------- /home/abdulhameed/file.txt
646553919  --------------e------- /home/abdulhameed/test
617306977  -----------I--e------- /home/abdulhameed/Downloads
...

Evidently, the number in the first column is the version number. The version number is a 32-bit unsigned integer that’s incremented every time we modify a file. As a result, some file systems use this number to keep track of file changes.

4. lsattr Output

In general, the output of the lsattr command consists of two columns:

  • attributes
  • file or directory name

Furthermore, the attributes column shows a series of letters that represent different flags that are set or unset for each file or directory. Consequently, we can classify these attributes into several categories based on their functions.

4.1. Deletion and Modification

These categories of attributes control how the files and directories can be deleted, modified, or renamed:

Letter Attribute Description
a append-only The file can only be opened in append mode for writing.
i immutable The file can’t be modified, deleted, or renamed.
s secure deletion The kernel securely erases the file when we delete it by overwriting its data blocks with zero.
u undeletable The file can’t be deleted even by the superuser.

Therefore, these attributes can protect important files and directories from accidental or malicious changes.

4.2. Performance and Storage

Attributes under this category affect how the files and directories are stored, cached, and accessed on disk:

Letter Attribute Description
A no atime update The file’s access time isn’t updated when it’s read
c compressed The file is automatically compressed by the kernel when it’s written to disk.
D synchronous directory update Any write operations on the directory are synchronized to disk immediately.
e extent format The file uses a contiguous range of blocks for mapping storage blocks
S synchronous update Any write operations on the file are synchronized to disk immediately.
t no tail-merging The file won’t have a partial block fragment at the end of the file merged with other files

In essence, we can use these attributes to optimize the performance and storage of files.

4.3. Backup and Recovery

These attributes determine how the files and directories are handled by the backup and recovery program:

Letter Attribute Description
d no dump The file isn’t a candidate for backup by dump program
j data journalling Any write operations on the file are first written to an external journal before being written to disk

Thus, we can manage our backup and recovery processes more efficiently using these attributes.

4.4. Directory Structure

These attributes apply only to directories and affect how they store their entries and subdirectories:

Letter Attribute Description
I indexed directory The directory stores its entries in a hashed tree structure for faster lookup.
T top of directory hierarchy The directory is the top of a directory hierarchy for the Orlov block allocator.

Further, the Orlov block allocator is a method to allocate disk blocks for directories. It tries to group related subdirectories together in the same block group. As a result, this can improve performance.

5. chattr Command

Moreover, we can use the chattr command to change the attributes of files and directories of Linux file systems that support extended attributes:

$ chattr [options] [attributes] [files]

From the above, options are flags that modify the behavior of the command, attributes are letters that indicate which attributes to set or clear, and files are the names of files to change.

We can prefix the attributes with one of several symbols:

  • +: add an attribute
  • : remove an attribute
  • =: set an attribute (and clear all others)

Let’s look at an example of adding an attribute to a file:

$ chattr +i /home/abdulhameed/file.txt

This command adds the immutable attribute to file.txt.

Also, we can remove an attribute from a file:

$ chattr -a /home/abdulhameed/file.txt

Now, file.txt doesn’t have the append-only attribute.

Finally, we can set a file to have an attribute and clear the other attributes:

$ chattr =c /home/abdulhameed/file.txt

This command sets the compressed attribute for file.txt and clears all other attributes that we’ve set before for the file.

There are some attributes that we can’t modify with chattr:

  • E: compression error
  • h: huge file
  • I: indexed directory
  • N: inline data
  • X: compression raw access
  • Z: compressed dirty file

Yet, lsattr lists these attributes.

Also, some attributes require running the chattr command as the root user:

  • a: append only
  • i: immutable
  • j: data journalling

Let’s set the a attribute on file.txt as a regular user:

$ chattr +a /home/abdulhameed/file.txt
chattr: Operation not permitted while setting flags on /home/abdulhameed/file.txt

This causes chattr to return with an error.

6. Conclusion

In this article, we first learned how to list file attributes using the lsattr command. After that, we looked at the interpretation of its output by understanding the meaning of each attribute. Finally, we explored how to use the chattr command to change the attributes of a file.

Comments are closed on this article!