1.\"- 2.\" Copyright (c) 2000-2001 Robert N. M. Watson 3.\" All rights reserved. 4.\" 5.\" This software was developed by Robert Watson for the TrustedBSD Project. 6.\" 7.\" Redistribution and use in source and binary forms, with or without 8.\" modification, are permitted provided that the following conditions 9.\" are met: 10.\" 1. Redistributions of source code must retain the above copyright 11.\" notice, this list of conditions and the following disclaimer. 12.\" 2. Redistributions in binary form must reproduce the above copyright 13.\" notice, this list of conditions and the following disclaimer in the 14.\" documentation and/or other materials provided with the distribution. 15.\" 16.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26.\" SUCH DAMAGE. 27.\" 28.\" $FreeBSD$ 29.\" 30.\" Developed by the TrustedBSD Project. 31.\" Support for file system extended attribute. 32.\" 33.Dd March 30, 2000 34.Dt EXTATTRCTL 8 35.Os 36.Sh NAME 37.Nm extattrctl 38.Nd manage FFS extended attributes 39.Sh SYNOPSIS 40.Nm 41.Cm start 42.Ar path 43.Nm 44.Cm stop 45.Ar path 46.Nm 47.Cm initattr 48.Op Fl f 49.Op Fl p Ar path 50.Ar attrsize 51.Ar attrfile 52.Nm 53.Cm enable 54.Ar path 55.Ar attrnamespace 56.Ar attrname 57.Ar attrfile 58.Nm 59.Cm disable 60.Ar path 61.Ar attrnamespace 62.Ar attrname 63.Sh DESCRIPTION 64.Nm 65is the management utility for extended attributes over the FFS file system. 66.Nm 67allows the starting and stopping of extended attributes on a file system, 68as well as initialization of attribute backing files, and enabling and 69disabling of specific extended attributes on a file system. 70.Pp 71The first argument on the command line indicates the operation to be 72performed. 73Operation must be one of the following: 74.Bl -tag -width indent 75.It Cm start Ar path 76Start extended attribute support on the file system named using 77.Ar path . 78The file system must be an FFS file system, and the FFS_EXTATTR kernel 79option must have been enabled. 80.It Cm stop Ar path 81Stop extended attribute support on the file system named using 82.Ar path . 83Extended attribute support must previously have been started. 84.It Xo 85.Cm initattr 86.Op Fl f 87.Op Fl p Ar path 88.Ar attrsize attrfile 89.Xc 90Create and initialize a file to use as an attribute backing file. 91You must specify a maximum per-inode size for the attribute in bytes in 92.Ar attrsize , 93as well as the file where the attribute will be stored, using 94.Ar attrfile . 95.Pp 96The 97.Fl f 98argument may be used to indicate that it is alright to overwrite an 99existing attribute backing file; otherwise, if the target file exists, 100an error will be returned. 101.Pp 102The 103.Fl p Ar path 104argument may be used to preallocate space for all attributes rather than 105relying on sparse files to conserve space. 106This has the advantage of guaranteeing that space will be available 107for attributes when they are written, preventing low disk space conditions 108from denying attribute service. 109.Pp 110This file should not exist before running 111.Cm initattr . 112.It Cm enable Ar path attrnamespace attrname attrfile 113Enable an attribute named 114.Ar attrname 115in the namespace 116.Ar attrnamespace 117on the file system identified using 118.Ar path , 119and backed by initialized attribute file 120.Ar attrfile . 121Available namespaces are "user" and "system". 122The backing file must have been initialized using 123.Cm initattr 124before its first use. 125Attributes must have been started on the file system prior to the 126enabling of any attributes. 127.It Cm disable Ar path attrnamespace attrname 128Disable the attributed named 129.Ar attrname 130in namespace 131.Ar attrnamespace 132on the file system identified by 133.Ar path . 134Available namespaces are "user" and "system". 135The file system must have attributes started on it, and the attribute 136most have been enabled using 137.Cm enable . 138.El 139.Sh EXAMPLES 140.Dl extattrctl start / 141.Pp 142Start extended attributes on the root file system. 143.Pp 144.Dl extattrctl initattr 17 /.attribute/md5 145.Pp 146Create an attribute backing file in /.attribute/md5, and set the maximum 147size of each attribute to 17 bytes, with a sparse file used for storing 148the attributes. 149.Pp 150.Dl extattrctl enable / system md5 /.attribute/md5 151.Pp 152Enable an attribute named md5 on the root file system, backed from the file 153/.attribute/md5. 154.Pp 155.Dl extattrctl disable / md5 156.Pp 157Disable the attribute named md5 on the root file system. 158.Pp 159.Dl extattrctl stop / 160.Pp 161Stop extended attributes on the root file system. 162.Sh SEE ALSO 163.Xr getextattr 8 , 164.Xr setextattr 8 , 165.Xr extattr 9 166.Sh HISTORY 167Extended attribute support was developed as part of the TrustedBSD Project, 168and introduced in 169.Fx 5.0 . 170It was developed to support security extensions requiring additional labels 171to be associated with each file or directory. 172.Sh AUTHORS 173Robert N M Watson 174