chattr

Make immutable

$ sudo chattr +i path/to/file

$ sudo chattr -i path/to/file

$ sudo chattr -R +i path/to/dir

$ chattr +F path/to/dir

$ sudo chattr +a path/to/file

chattr [OPTIONS] [mode] files...

chattr changes file attributes on Linux filesystems. These extended attributes provide security and administrative controls beyond standard permissions, such as making files immutable or append-only.
The immutable attribute (+i) is particularly useful for protecting critical system files, as even root cannot modify, delete, or rename an immutable file until the attribute is removed. The append-only attribute (+a) is commonly used for log files to prevent tampering while still allowing new entries to be written.

+attribute

Add attribute to file

Remove attribute from file

Set only the specified attributes

Change attributes recursively

Immutable - cannot be modified, deleted, or renamed

Append-only - can only be appended to

Secure deletion - blocks overwritten with zeros

Synchronous updates

No atime updates

Compressed

Extent format (default on ext4)

Case-fold directory (case-insensitive)

Requires appropriate capabilities or root privileges. Immutable files cannot be changed even by root until the attribute is removed. Not all filesystems support all attributes.

chattr is part of e2fsprogs, providing extended attribute management for ext2/ext3/ext4 and other Linux filesystems.

lsattr(1), chmod(1)