What to chattr?
Is there a list of what files should and should not be chattr?
Right now, we set the "i" attribute on all the executible files, all the initscripts, and various files in the /etc directory.
Am wondering, can you also set this attribute on lib files and whatnot?
Basically what the "i" attribute does is prevents anyone, include root, from modifying the file. You have to remove the "i" attribute before you can modify the file. I have a script I run to turn it off and on, just trying to improve on that list.
David
