Previous Page
PCLinuxOS Magazine
Article List
Next Page

Two Ways To Protect Your Files

by Paul Arnote (parnote)

In today's digital world, we rely on our computers for many, many things. One thing that our computers have become particularly useful for is safekeeping files full of vital or important information.

There is little else as distressing as losing an absolutely vital file. It could be the last pictures of grandma before she died. A list of serial numbers for household items. A presentation you spent weeks working on. An encrypted list of passwords. I'm sure you can probably think of a thousand different situations, and certainly situations that are unique to your own computing.

Keep in mind that we're not talking about file security here. Work on the assumption that anyone will be able to access your vital files. But what we're talking about here is helping to insure that those vital files are not easily deleted, either accidentally or purposefully.

Fortunately, there are at least two solutions to help prevent the deletion of files. Let's take a look at each method.

Method #1: Use The Tools You Already Have

Believe it or not, all of the tools you need to protect your files from deletion were installed from the first day you installed PCLinuxOS. You just probably didn't know they were there, or how to use them. Maybe you're already somewhat familiar with the tools, but forgot about them. Either way, this method employs very low overhead, since there's nothing else to install on your computer.

Specifically, I'm talking about the chattr (change attribute) command. To run it, you need to be root. But otherwise, it's fairly straight forward. While there are several flags that can be used with chattr, we're going to concern ourselves with the i and a flags, primarily. You can learn about the other flags by entering man chattr at a command prompt. (While there is a chattr flag for "undeletable," it does not work on the ext3 and ext4 file systems, which is probably what most PCLinuxOS users use).

Issue the command (as root) as follows:

chattr +i yourfile.ext

This will change the file attribute to "immutable." When the file attribute is set to immutable, NO ONE, not even the root user, can delete the file. The file cannot even be changed by anyone. In order to delete (or change) the file, you will need to change the file attribute to remove the immutable flag. Thus, you remove the immutable flag like this:

chattr -i yourfile.ext

Again, you have to run the command as root. Once the immutable flag is removed, it can be deleted (or changed) just like any other file on your computer, provided you have proper file permissions to do so. If you are merely updating a file and want to restore the immutable flag, don't forget to rerun the first chattr command after you're done editing the file.

It seems like a lot to go through just to protect a file, but then think of the consequences of deleting an irreplaceable file. The command is fast and easy to execute, and gives you a literal metric ton of peace of mind.

However, you can use the a flag, instead of the i flag. The a flag stands "append only." Doing so allows you to edit, modify and append the file, but prevents the deletion of the file. The format for the command is virtually identical to using the i flag, except you use the a flag, like this (ran as the root user):

chattr +a yourfile.ext

Similarly, you can remove the a flag, like this:

chattr -a yourfile.ext

Once the a flag is removed, you will be able to delete the file, just like any other on your system. While it may be more convenient to use the "append only" flag, it doesn't afford you as much protection as the immutable flag. So, if you're worried about the contents of your file being changed, you might want to stick to using the immutable flag.

In real world use, you can combine these flags with others. For example, if you want to make a directory immutable, along with all of the files in a directory, simply issue the command like this:

chattr -R +i /home/username/directory

The -R flag means to recurse the directory. This makes the directory and all of the files within that directory immutable. You can also use the "append only" flag in the same manner. Done this way, neither the directory nor any of the files within it can be deleted until the immutable or "append only" flag is removed (with -i or -a).

The chattr command also allows for the use of standard wildcards. You can get similar results by travelling to the directory containing the files you want to protect, and issuing the command like this:

chattr +i *.*

This will make all of the files in that directory immutable, and thus unable to be deleted.

Method #2: Use Python rm-protection

To use this method, you will need to install a couple of additional things to your computer. First, you will need to install python-pip from the PCLinuxOS repository. This is the installer for other Python scripts/programs. Then, you will need to download rm-protection from GitHub. Download it as a ZIP file, then decompress it into a directory in your /home folder. Then, from a command line prompt, su to root, and execute pip install path/to/program (where path/to/program is the location where you decompressed rm-protection). For example, if you decompressed the files for rm-protection to ~/Downloads/rm-protection, your command would be pip install /home/user/Downloads/rm-protection/rm-protection.

The rm-protection "package" from GitHub contains two programs: rm-p and protect. You specify which files to protect. From a command line, enter protect yourfile.ext (you can also specify a fully qualified path before the filename). It will then ask you for a verification question. You decide what the question is, so make it something that only you know the answer to. Then, you supply the answer to the question you just designated as the verification question. That answer is stored in the current directory in the file named .yourfile.ext.rm-protection ("yourfile.ext" will match the name of the file you specify that you want to protect).

To delete a file, enter rm-p yourfile.ext. The verification question will be displayed. If you answer correctly, the file will be deleted. If you don't answer correctly, the file will not be deleted. It's really that simple. Below is a sample readout from rm-p:

rm-p: /home/user/yourfile.ext: What is your favorite Linux?
Answer: Ubuntu
rm-p: Wrong answer! /home/user/yourfile.ext will not be removed
rm-p: The answer is stored in /home/user/.yourfile.ext.rm-protection
rm: missing operand
Try 'rm --help' for more information.

Of course, the above readout is from giving the wrong answer to the verification question. Had the answer been correct, the specified file would simply have been deleted, with no need for verbose output.

Keep in mind that the answer is case sensitive. Thus, "pclinuxos" is different from "PCLinuxOS," which is different from "PCLINUXOS." Also, rm-protection only protects a normal user's files. The root user still has the ability to delete a user's file(s), even if it is "protected."

As with chattr, the protect and rm-p commands recognize the -R flag, which protects the directory specified, as well as all of the files contained within the directory.


Both methods take different approaches with a single goal in mind: protect your files from deletion. Don't confuse this with file security. This is ONLY to protect your files from deletion -- accidental or purposeful. Your "protected" files content can still be read by anyone with proper access to your computer.

Also, this method won't protect your files from erasure by reformatting your hard drive. But then, I suppose nothing will protect them in that eventuality. The only way to be certain that your critical, vital and important files remain safe is to properly back them up.

Previous Page              Top              Next Page