Ubuntu disk cleanup protection

With ubuntu for a long time, many people will suddenly give a hint: disk space is less than 1G! Then analyze for a long time. . Recently encountered similar problems, the record is as follows: One: .xsession-errors.old You can see such a hidden file in the main user directory on the terminal, I saw the size of 22G or so! Checked online, saying that this file is because of the record collection of communication errors between our machine and the server, will continue to increase the record. Someone suggested that you can write a script to delete this file periodically, which is too much trouble. You can solve this problem by using the following command: rm .xsession-errors.old touch .xsession-errors.old sudo chattr +i .xsession-errors.old Delete Drop, then create a new file with the same name, modify this file to be unwritable! Two: Chattr command to learn Before I used this chattr command, I found out that this command is so useful! Sometimes there is a way to modify a file even if you use root privileges. It is most likely locked by the chattr command. Some functions of this command are supported by the Linux kernel. Use this command to lock some special files of the system and improve security. The chattr command cannot protect /, /dev, /tmp, ar directories. The lsattr command is the display attribute, the file attribute set by the chattr command. The general operation is basically chmod chown these two commands to modify the read and write permissions, the owner, chattr is a lower level of property control commands! Usage of the chattr command: chattr [ -RVf ] [ -v version ] [ mode ] files… The most important thing is that in the [mode] section, the [mode] section is combined by the characters +-= and [ASacDdIijsTtu]. It is used to control the properties of the file, as follows: + : Based on the original parameter settings, add parameters. - : Remove the parameters based on the original parameter settings. = : Update to the specified parameter settings. A: The atime (access time) of a file or directory cannot be modified to prevent, for example, a laptop disk I/O error. S: Hard disk I/O synchronization option, similar to sync. a: append, after setting this parameter, you can only add data to the file, but not delete it. It is mostly used for server log file security. Only root can set this property. c: Compresse, set whether the file is compressed and then stored. Automatic decompression is required for reading. d: ie no dump, the setting file cannot be the backup target of the dump program. i: The setting file cannot be deleted, renamed, set the link relationship, and cannot be written or added. The i parameter is very helpful for the security settings of the file system. j: journal, set this parameter so that when the file system is mounted by the mount parameter: data=ordered or data=writeback, the file will be recorded first (in journal). If filesystem is set to data=journal, the parameter will automatically expire. s: Delete files or directories confidentially, that is, the hard disk space is completely reclaimed. u: Contrary to s, when set to u, the data content actually exists on the disk and can be used for undeletion. A and i are commonly used in various parameter options. The a option can only be added and can not be deleted, and is used for the security settings of the log system. While i is a stricter security setting, only superuser (root) or processes with CAP_LINUX_IMMUTABLE processing power (identification) can apply this option. Take the above example of .xsession-errors.old as an example: sudo chattr +i .xsession-errors.old then lsattr: jscese@jscese-H61M-S2P:~$ lsattr .xsession-errors.old ----i--- -----e-- .xsession-errors.old