1.\"- 2.\" Copyright (c) 2000, 2001 Robert N. M. Watson 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" 26.\" $FreeBSD$ 27.\" 28.Dd March 30, 2000 29.Dt EXTATTRCTL 8 30.Os 31.Sh NAME 32.Nm extattrctl 33.Nd manage FFS extended attributes 34.Sh SYNOPSIS 35.Nm 36.Cm start 37.Ar path 38.Nm 39.Cm stop 40.Ar path 41.Nm 42.Cm initattr 43.Op Fl f 44.Op Fl p Ar path 45.Ar attrsize 46.Ar attrfile 47.Nm 48.Cm enable 49.Ar path 50.Ar attrnamespace 51.Ar attrname 52.Ar attrfile 53.Nm 54.Cm disable 55.Ar path 56.Ar attrnamespace 57.Ar attrname 58.Sh DESCRIPTION 59.Nm 60is the management utility for extended attributes over the FFS file system. 61.Nm 62allows the starting and stopping of extended attributes on a file system, 63as well as initialization of attribute backing files, and enabling and 64disabling of specific extended attributes on a file system. 65.Pp 66The first argument on the command line indicates the operation to be 67performed. 68Operation must be one of the following: 69.Bl -tag -width indent 70.It Cm start Ar path 71Start extended attribute support on the file system named using 72.Ar path . 73The file system must be an FFS file system, and the FFS_EXTATTR kernel 74option must have been enabled. 75.It Cm stop Ar path 76Stop extended attribute support on the file system named using 77.Ar path . 78Extended attribute support must previously have been started. 79.It Xo 80.Cm initattr 81.Op Fl f 82.Op Fl p Ar path 83.Ar attrsize attrfile 84.Xc 85Create and initialize a file to use as an attribute backing file. 86You must specify a maximum per-inode size for the attribute in bytes in 87.Ar attrsize , 88as well as the file where the attribute will be stored, using 89.Ar attrfile . 90.Pp 91The 92.Fl f 93argument may be used to indicate that it is alright to overwrite an 94existing attribute backing file; otherwise, if the target file exists, 95an error will be returned. 96.Pp 97The 98.Fl p Ar path 99argument may be used to preallocate space for all attributes rather than 100relying on sparse files to conserve space. 101This has the advantage of guaranteeing that space will be available 102for attributes when they are written, preventing low disk space conditions 103from denying attribute service. 104.Pp 105This file should not exist before running 106.Cm initattr . 107.It Cm enable Ar path attrnamespace attrname attrfile 108Enable an attribute named 109.Ar attrname 110in the namespace 111.Ar attrnamespace 112on the file system identified using 113.Ar path , 114and backed by initialized attribute file 115.Ar attrfile . 116Available namespaces are "user" and "system". 117The backing file must have been initialized using 118.Cm initattr 119before its first use. 120Attributes must have been started on the file system prior to the 121enabling of any attributes. 122.It Cm disable Ar path attrnamespace attrname 123Disable the attributed named 124.Ar attrname 125in namespace 126.Ar attrnamespace 127on the file system identified by 128.Ar path . 129Available namespaces are "user" and "system". 130The file system must have attributes started on it, and the attribute 131most have been enabled using 132.Cm enable . 133.El 134.Sh EXAMPLES 135.Pp 136.Dl extattrctl start / 137.Pp 138Start extended attributes on the root file system. 139.Pp 140.Dl extattrctl initattr 17 /.attribute/md5 141.Pp 142Create an attribute backing file in /.attribute/md5, and set the maximum 143size of each attribute to 17 bytes, with a sparse file used for storing 144the attributes. 145.Pp 146.Dl extattrctl enable / system md5 /.attribute/md5 147.Pp 148Enable an attribute named md5 on the root file system, backed from the file 149/.attribute/md5. 150.Pp 151.Dl extattrctl disable / md5 152.Pp 153Disable the attribute named md5 on the root file system. 154.Pp 155.Dl extattrctl stop / 156.Pp 157Stop extended attributes on the root file system. 158.Sh SEE ALSO 159.Xr getextattr 8 , 160.Xr setextattr 8 , 161.Xr extattr 9 162.Sh HISTORY 163Extended attribute support was developed as part of the TrustedBSD Project, 164and introduced in 165.Fx 5.0 . 166It was developed to support security extensions requiring additional labels 167to be associated with each file or directory. 168.Sh AUTHORS 169Robert N M Watson 170