Hi,
just try
man chattr
You wil got something like...
CHATTR(1) CHATTR(1)
NAME
chattr - change file attributes on a Linux second extended file
system
SYNOPSIS
chattr [ -RV ] [ -v version ] [ mode ] files...
DESCRIPTION
chattr changes the file attributes on a Linux second extended file
system.
The format of a symbolic mode is +-=[ASacdisu].
The operator `+' causes the selected attributes to be added to the
existing attributes of the
files; `-' causes them to be removed; and `=' causes them to be the
only attributes that the
files have.
The letters `ASacdisu' select the new attributes for the files:
don't update atime (A), syn-
chronous updates (S), append only (a), compressed (c), immutable (i),
no dump (d), secure
deletion (s), and undeletable (u).
OPTIONS
-R Recursively change attributes of directories and their
contents. Symbolic links
encountered during recursive directory traversals are ignored.
-V Be verbose with chattr's output and print the program version.
-v version
Set the filesystem version.
ATTRIBUTES
When a file with the 'A' attribute set is modified, its atime record
is not modified. This
avoids a certain amount of disk I/O for laptop systems.
A file with the `a' attribute set can only be open in append
mode for writing. Only the
superuser can set or clear this attribute.
A file with the `c' attribute set is automatically compressed on the
disk by the kernel. A
read from this file returns uncompressed data. A write to this
file compresses data before
storing them on the disk.
A file with the `d' attribute set is not candidate for backup when
the dump (8) program is
run.
A file with the `i' attribute cannot be modified: it cannot be
deleted or renamed, no link
can be created to this file and no data can be written to the file.
Only the superuser can
set or clear this attribute.
When a file with the `s' attribute set is deleted, its blocks are
zeroed and written back to
the disk.
When a file with the `S' attribute set is modified, the changes are
written synchronously on
the disk; this is equivalent to the `sync' mount option applied to a
subset of the files.
When a file with the `u' attribute set is deleted, its contents are
saved. This allows the
user to ask for its undeletion.
AUTHOR
chattr was written by Remy Card <card@masi.ibp.fr>, the developer and
maintainer of the ext2 fs.
BUGS AND LIMITATIONS
As of ext2 fs 0.5a, the `c' and `u' attribute are not honoured by the
kernel code. As of the
Linux 2.0 kernel, the 'A' attribute is not yet supported by the
kernel code. (The noatime
code is still in testing.)
These attributes will be implemented in a future ext2 fs version.
AVAILABILITY
chattr is part of the e2fsprogs package and is available
for anonymous ftp from
tsx-11.mit.edu in /pub/linux/packages/ext2fs.
SEE ALSO
lsattr(1)
E2fsprogs version 1.18 November 1999 1
> Mezui me Ze Fredie
> Saritel S.p.A. - MSP-OS(Managed Services & Platforms- Operations Support
Systems)
> Gruppo Telecom Italia
> S.S. 148 Pontina Km. 29,100 - 00040 Pomezia (RM)
> Tel. +39.06.91197.409
> Voice ext: 6409
> E-Mail: f.mezuimeze@saritel.it
> "You cannot speak of democracy if you are not ready to play by its rules."
>
>
> Le informazioni contenute o allegate alla mail sono classificate - SARITEL
- Uso interno - e sono dirette unicamente al destinatario in indirizzo che
si impegna a mantenere riservate le informazioni relative alla presente.
Chiunque riceva questa mail per errore è tenuto ad informare immediatamente
il mittente ed a distruggere le informazioni in essa contenute. Si ringrazia
per la collaborazione.
>
> This e-mail contains SARITEL classified information intended only for use
of the address named above. If the reader of this message in not the
intended recipient, please note that dissemination, distribution or copying
of this communication is strictly forbidden. Anyone who receives this
communication in error should destroy it and inform the sender .Thanks for
the collaboration.
-----Messaggio originale-----
Da: Administrator [mailto:WebMaster@gcstation.net]
Inviato: giovedì 7 novembre 2002 21.13
A: security-discuss@linuxsecurity.com
Oggetto: root unable to delete
Greetings All,
I had a machine get hacked on RH 7.2
Whoever did it made some changes to files
and did something to the file that does not
all me to delete the file, when I am logged
in as root and the file is owned by root and
is in the group of root and is set as 755 .
I can't even edit and save the changes to the
file.
Can someone tell me how they did it ?
I have removed the machine and rebuilt it but
I would love to know how it was done.
Thanks all,
Mike
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
