How to make files undeletable, even by root

If you need to make your backups undeletable, even by root, the chattr command is the solution.

Watch Free Movies

Chattr changes the file attributes. Chattr +i /path/to/file sets an invisible lock on the file, and makes it unchangeable, so undeletable. The +i bit is called immutable bit.

Make the file unchangeable:

$ sudo chattr +i /path/to/file

When you do an ls -l on the file, you will not notice anything awkward, the +i bit is invisible. To see the hidden bits, use lsattr /path/to/file

$ lsattr /path/to/file
----i-------- file

So, an file with an immutable file cannot be deleted, even by root. To delete a file with the +i attribute, remove the +i bit and than do the rm.

This is how you remove the +i bit:

# chattr -i /path/to/file

Now, with the +i bit removed, everybody having write permissions can remove the /path/to/file.

The immutable bit, proof of power – with examples:

# chmod 777 file1
# chattr +i file1
# rm -rf file1
bash: file1: Permission denied
# echo "test" > file1
bash: file1: Permission denied
# mv file1 file2
bash: file1: Permission denied
# chattr -i file1
# mv file1 file2
# ls

Scroll to Top