Quickly inspect special filesystem attributes that can block edits or deletions. 05.04.2026 | reading time: 2 min Ordinary directory listings hide special inode flags; `lsattr` exposes them so you can discover why a file refuses to be edited or removed, and then take corrective action. A quick practical example Create a file, inspect its attributes, set the immutable flag, then observe the effect with these commands and outputs: ``` touch secret.txt lsattr secret.txt # output before --------------e-- secret.txt sudo chattr +i secret.txt lsattr secret.txt # output after ----i--------e-- secret.txt rm secret.txt # -> rm: cannot remove 'secret.txt': Operation not permitted sudo chattr -i secret.txt rm secret.txt ``` Common flags and behavior `lsattr` shows letters like "i" for immutable and "a" for append-only among others; many of these flags prevent modifications or deletion and require `chattr` (usually as root) to change, and only certain filesystems support them, so check inode support before relying on them. Useful companion commands Use `chattr` to change attributes, `stat` to inspect inode metadata such as timestamps and permissions, and `debugfs` or other e2fsprogs tools for low-level inspection when attributes behave unexpectedly, especially on ext-family filesystems. A practical final note Knowing how to read and change inode flags with `lsattr` and `chattr` can save hours when files refuse to be altered; explore deeper filesystem tools to understand when and why to lock files, and consider formal study to solidify your skills. Join Bits & Bytes Academy First class LINUX exam preparation. filesystem utilities security
