Practice Use drills for recall and labs for real operating judgment.

LAB-SEC-04 - Hardening with chattr

Use chattr and lsattr on disposable files so you understand immutable and append-only attributes without risking important data.

SEC Security & Firewalls

Hardening with chattr

Use chattr and lsattr on disposable files so you understand immutable and append-only attributes without risking important data.

20 min INTERMEDIATE LINUX Curriculum-reviewed
Prerequisites
Lab LAB-FS-04 - Inside /proc and /sys - The Virtual Windows Lab LAB-SEC-03 - SSH Key Authentication
Success criteria
  • Use chattr and lsattr on disposable files so you understand immutable and append-only attributes without risking important data.
  • Repeat the workflow without copy-paste or step-by-step prompting.
Safety notes
  • Practice only on disposable files or folders. Immutable attributes can interfere with real updates and edits if used carelessly.

Part A: The Field Guide

What This Lab Is Really About

This lab introduces filesystem attributes that go beyond normal read and write permissions.

The goal is not to make everything immutable. The goal is to understand:

  • what the immutable flag does
  • how to verify it
  • how to remove it before legitimate maintenance

Practice on disposable files only.

Command Reference

Common chattr workflow

sudo chattr +i important_config.txt lsattr important_config.txt sudo chattr -i important_config.txt

Part B: The Drill Deck

Terminal required: use a disposable file or folder in your home directory.

G
Guided Step by step - type exactly this and compare the result
>

Exercise G1: Make a File Immutable

  1. Create a practice file:
touch important_config.txt
  1. Apply the immutable flag:
sudo chattr +i important_config.txt
  1. Try to modify or remove the file.
  2. Observe that the filesystem attribute blocks the change.

Exercise G2: Verify the Attribute

  1. Run:
lsattr important_config.txt
  1. Confirm that the immutable flag appears in the output.

Exercise G3: Remove the Attribute

  1. Remove the flag:
sudo chattr -i important_config.txt
  1. Verify with lsattr.
  2. Confirm that the file can now be changed or removed normally.
S
Solo Task described, hints available - figure it out
>

Exercise S1: Try Append-Only

  1. Create a new file:
touch bank_ledger.txt
  1. Apply append-only mode:
sudo chattr +a bank_ledger.txt
  1. Append text with >>.
  2. Then try overwriting with >.
  3. Observe how the behavior differs.

Exercise S2: Clean Up Safely

  1. Remove the append-only flag:
sudo chattr -a bank_ledger.txt
  1. Delete the file afterward.
M
Mission Real scenario - no hints, combine multiple skills
>

Mission M1: Protect and Unprotect a Practice Directory

Create a small practice directory with two files inside it. Then:

  1. find the recursive option for chattr
  2. apply the immutable flag to the whole directory tree
  3. verify the result
  4. remove the flag recursively so you can clean up afterward

The learning goal is not the dramatic rm -rf moment. It is understanding the full attribute lifecycle safely.