详解Linux chattr 命令,超越权限任性修改
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_gif/K0TMNq37VN3BeaWMVgeHu3fjzTfia8o2tUx09tRdfaNaibgic33QRul5H0ClZcGRYX73WnwDcqog5Jts8edicDWqDg/640?wx_fmt=1&tp=webp&wxfrom=5&wx_lazy=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;"><span style="color: black;"><span style="color: black;">非常多</span>时候,Linux<span style="color: black;">设备</span>被<span style="color: black;">区别</span>的用户<span style="color: black;">运用</span>。<span style="color: black;">因此呢</span>,这些用户有机会<span style="color: black;">拜访</span>一组<span style="color: black;">一起</span>的文件。这就为<span style="color: black;">有些</span>问题打开了<span style="color: black;">前门</span>,<span style="color: black;">例如</span>意外删除或编辑重要文件,而<span style="color: black;">做为</span>管理员,你肯定不<span style="color: black;">期盼</span><span style="color: black;">出现</span><span style="color: black;">这般</span>的事情。值得<span style="color: black;">幸运</span>的是,存在一个名为“chattr”的命令,它<span style="color: black;">能够</span>在<span style="color: black;">以上</span>场景中<span style="color: black;">帮忙</span>到你。下面,<span style="color: black;">咱们</span><span style="color: black;">运用</span><span style="color: black;">有些</span>容易理解的示例来讨论这个工具。本页面所有的例子都在Ubuntu 16.04 LTS上进行了测试。</span></strong></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">Linux chattr 命令</strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">通常</span>,“chattr”命令用于更改Linux文件上属性。以下是它的语法:</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">chattr [ -RVf ] [ -v version ] [ mode ] files...</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">下面是man手册对它的描述:</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">chattr 改变一个Linux文件系统上的文件属性。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">一个通用格式是:+-=</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">‘+’选项,将给文件添加属性;‘-’选项,移除文件中的属性;‘=’选项,使得文件<span style="color: black;">仅有</span>这些属性。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">字母 aAcCdDeijsStTu <span style="color: black;">能够</span>赋予文件的新属性:</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">a:只能附加数据A:不修改<span style="color: black;">拜访</span>时间c:压缩文件,C:不执行写入时复制(COW) 。多个调用者获取同一个资源,<span style="color: black;">此时</span>,另一个调用者对这资源进行了修改,不生成一个副本给d:不 dump D: 同步更新目录e:extent格式(一种文件系统格式)i:<span style="color: black;">不可</span>修改。<span style="color: black;">不可</span>删除或重命名,<span style="color: black;">不可</span>创建到该文件的链接,<span style="color: black;">亦</span><span style="color: black;">不可</span>向该文件写入数据。<span style="color: black;">仅有</span>超级用户或<span style="color: black;">持有</span> CAP_LINUX_IMMUTABLE 能力的进程<span style="color: black;">才可</span>设置或清除此属性。j:数据日志s:安全删除S:同步更新t:不<span style="color: black;">晓得</span>文件尾部合并T:目录层次的顶部u:文件被删除时,其内容会被<span style="color: black;">保留</span>,后面<span style="color: black;">能够</span>请求恢复</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">下面的只读属性,<span style="color: black;">能够</span><span style="color: black;">运用</span> lsattr列出,但<span style="color: black;">不可</span>被 chattr 修改:</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">E:压缩错误h:巨大的文件I:索引目录N:内联数据X:压缩原始<span style="color: black;">拜访</span>Z:压缩文件是脏的</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">并不是所有文件系统都支持所有标志;参考文件系统手册<span style="color: black;">认识</span>如btrfs(5), ext4(5), 和 xfs(5)文件格式的<span style="color: black;">更加多</span>详情。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">下面是<span style="color: black;">有些</span>问答式的例子,这些例子应该能让你对chattr命令的工作原理有一个很好的<span style="color: black;">认识</span>。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">Q1. chattr 命令<span style="color: black;">怎样</span>使用?</strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">假设您想要使一个文件<span style="color: black;">作为</span>只读的。<span style="color: black;">因此呢</span>,您所要做的<span style="color: black;">便是</span><span style="color: black;">运用</span>+i选项和文件的名<span style="color: black;">叫作</span><span style="color: black;">做为</span>参数来运行chattr命令。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">如:</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">chattr +i test.txt</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">下面的截图<span style="color: black;">表示</span>,一旦<span style="color: black;">运用</span>chattr<span style="color: black;">作为</span>只读文件,就不会有其他操作在文件上取得成功。</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_jpg/K0TMNq37VN0ufp5harJqGEBZaf8Vg0lAZM6xsqPmsiaW2nY4qb0eXP15vls4FTL8SoNA8T494APgTtzILLzrxwA/640?wx_fmt=jpeg&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">重视</span>:正如您<span style="color: black;">已然</span>观察到的,您需要<span style="color: black;">持有</span><span style="color: black;">运用</span>chattr命令的root权限。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">Q2. chattr 命令<span style="color: black;">怎样</span>取消只读属性?</strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">这很简单--你所要做的<span style="color: black;">便是</span><span style="color: black;">运用</span>-i选项替换+i。例如:</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">chattr -i test.txt</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_jpg/K0TMNq37VN0ufp5harJqGEBZaf8Vg0lAOKTHnAnJNjbQhQas6Z6UkKSUN7ndPh3vThZIEQXQRTJ8WIIibrSnMUA/640?wx_fmt=jpeg&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">Q3. chattr 命令<span style="color: black;">怎样</span>给一个文件添加只能追加(append-only)的权限?</strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">有时,您可能不<span style="color: black;">期盼</span>对文件进行完全限制。我的意思是,您可能想要为用户<span style="color: black;">供给</span>对文件的追加的<span style="color: black;">拜访</span>,<span style="color: black;">这般</span>就<span style="color: black;">能够</span>添加新的内容,<span style="color: black;">然则</span>现有的内容<span style="color: black;">不可</span>被删除或编辑。这<span style="color: black;">亦</span><span style="color: black;">能够</span><span style="color: black;">经过</span>+a选项。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">chattr +a test.txt</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_jpg/K0TMNq37VN0ufp5harJqGEBZaf8Vg0lAIrf3A8oFhu57VYdmtVOkoRwrcyf4CRpV0BYU8YCR3foR2iaYysdmmfQ/640?wx_fmt=jpeg&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">此刻</span><span style="color: black;">能够</span>附加内容到文件中,<span style="color: black;">然则</span><span style="color: black;">不可</span>编辑文件中的现有信息,<span style="color: black;">亦</span><span style="color: black;">不可</span>删除文件。要取消这种<span style="color: black;">行径</span>,只需<span style="color: black;">运用</span>-a选项。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">chattr -a test.txt</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">Q4. chattr 命令<span style="color: black;">怎样</span>对一个目录中的所有文件添加限制?</strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">这<span style="color: black;">能够</span><span style="color: black;">运用</span>标记-R来完成,它<span style="color: black;">准许</span>您递归地改变目录及其内容的属性。例如,<span style="color: black;">倘若</span>您想让test-dir目录中的所有文件都是只读的,<span style="color: black;">那样</span>请<span style="color: black;">运用</span>以下方式:</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">chattr -R +i ./test-dir/</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">下面的截图<span style="color: black;">表示</span>了只读限制被成功地应用到目录中的所有文件中。</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_jpg/K0TMNq37VN0ufp5harJqGEBZaf8Vg0lAKgBGWBE9pYibg8dA385eubna5MiaBYgsxsuHsDrlIJfRicHibnBvvMRlwA/640?wx_fmt=jpeg&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">Q5. <span style="color: black;">怎样</span>查看 chattr 命令赋予文件上的属性?</strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">到<span style="color: black;">日前</span>为止,为了<span style="color: black;">检测</span><span style="color: black;">是不是</span>成功执行了chattr目录,<span style="color: black;">咱们</span>尝试执行<span style="color: black;">有些</span>操作,如编辑文件或删除它。<span style="color: black;">然则</span>有一个单独的命令,<span style="color: black;">能够</span>让您<span style="color: black;">容易</span>地查看文件<span style="color: black;">是不是</span>有某个属性。这个命令是lsattr。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">lsattr </span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">例如,下面的截图<span style="color: black;">表示</span>了lsattr的输出,清楚地<span style="color: black;">显示</span>“i”属性被应用到目录中的所有文件中。</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_jpg/K0TMNq37VN0ufp5harJqGEBZaf8Vg0lAf42jBOa1FmYAUdRict3yGPo9ZOenc0LNY3k69HU0RSaEMaa53uh9ydA/640?wx_fmt=jpeg&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">再确认一下,这是<span style="color: black;">运用</span>-i选项后的输出。</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_jpg/K0TMNq37VN0ufp5harJqGEBZaf8Vg0lA2ZYUQf0GJYZ0F2JKNoXkF00UJFgGMBkuO6l6JOGAxibibPh7YfcibPemg/640?wx_fmt=jpeg&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">您<span style="color: black;">能够</span>在上面的截图中看到,只读属性从所有文件中删除了。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">总结</strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">倘若</span>您是一个系统管理员,<span style="color: black;">或</span>在Linux<span style="color: black;">设备</span>上管理用户,<span style="color: black;">那样</span>您<span style="color: black;">此刻</span>明白了,chattr是一个必须<span style="color: black;">晓得</span>的命令行工具。有效地<span style="color: black;">运用</span>这个命令<span style="color: black;">能够</span>避免<span style="color: black;">非常多</span>麻烦。</span></p><span style="color: black;">让您学习到的每一节课都有所收获</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">《Linux就该这么学》是一本由资深运维专家刘遄老师及国内多名红帽架构师(RHCA)基于最新RHEL7系统<span style="color: black;">一起</span>编写的高质量Linux技术自学教程,极其适合用于Linux技术入门教程或讲课辅助教材。荣获双11、双12购物狂欢节IT品类书籍销量冠军,2017年、2018年国内读者增速最快的技术书籍,您<span style="color: black;">能够</span>在京东、当当、亚马逊及天猫搜索书名后购买,<span style="color: black;">也</span>可加刘遄老师<span style="color: black;">微X</span>交流学习(手指按住下图3秒钟<span style="color: black;">就可</span>自动扫描)~</span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/K0TMNq37VN1EDtr0Y5iayksCaGGxLSytmktZkqHvNYyxPvuMMSUBkliafN78qCQbSKOq7vLD1pJcQZquCx8uDP5g/640?wx_fmt=png&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">刘遄老师QQ:5604215</strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><span style="color: black;">☀ </span><span style="color: black;">Linux技术交流群:<strong style="color: blue;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">560843</span></strong></span></strong></span></strong></span></strong></span></strong></span></strong></span></strong></span></strong></span></span></strong></span></strong></span></strong></span></strong>(<span style="color: black;"><strong style="color: blue;">新群,</strong><strong style="color: blue;">火热加群中……</strong></span>)</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;"><span style="color: black;"><span style="color: black;">☀ </span><span style="color: black;">官方站点:<strong style="color: blue;">www.linuxprobe.com</strong></span></span></strong></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;"><span style="color: black;">☀ 书籍在线学习(电脑在线阅读效果更佳<strong style="color: blue;"><span style="color: black;">)</span></strong>:</span></strong></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;"><span style="color: black;">http://www.linuxprobe.com/chapter-00.html</span></strong></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">《Linux就该这么学》</span></strong></span><span style="color: black;"><span style="color: black;">是一本基于最新Linux系统编写,面向零<span style="color: black;">基本</span>读者的技术书籍。从Linux<span style="color: black;">基本</span>知识讲起,<span style="color: black;">而后</span>渐进式地<span style="color: black;">加强</span>内容难度,<span style="color: black;">仔细</span>讲解Linux系统中<span style="color: black;">各样</span>服务的工作原理和配置方式,以匹配真实生产环境对运维人员的<span style="color: black;">需求</span>,突显内容的实用性。想要学习Linux系统的读者<span style="color: black;">能够</span>点击<span style="color: black;"><strong style="color: blue;"><span style="color: black;">"阅读原文"</span></strong></span>按钮<span style="color: black;">认识</span>这本书,<span style="color: black;">同期</span>这本书<span style="color: black;">亦</span>适合专业的运维人员阅读,<span style="color: black;">做为</span>一本非常有参考价值的工具书!</span></span></p>
祝福你、祝你幸福、早日实现等。 我深受你的启发,你的话语是我前进的动力。 你的留言真是温暖如春,让我感受到了无尽的支持与鼓励。
页:
[1]