15.5 Extended Attributes in UFS
In Solaris 9, a new interface was added to UFS for the storage of attributes. Rather than ACLs, which added a shadow inode to each file for permission storage; extended attributes adds a directory inode to each file (see struct icommon). This directory is not part of the regular file system name space, rather it is in its own dimension and is attached to ours via a worm-hole of function calls, such as openat(2) and attropen(3C).
An excellent discussion of extended attributes can be found in fsattr(5). This interface exists to support any extra attributes desired for files - this may be to support files from other file systems that require the storing of non-UFS attributes. Other uses will be discovered over time.
The following demonstration should get to the point quickly. Here we create an innocuous file, tardis.txt, and copy (yes, copy) several other files into its extended attribute name space, purely as a demonstration.
$ date > tardis.txt $ ls -l tardis.txt -rw-r--r-- 1 user1 other 29 Apr 3 10:46 tardis.txt $ runat tardis.txt cp /etc/motd /etc/group /usr/bin/ksh . $ runat tardis.txt ls -l total 352 -rw-r--r-- 1 user1 other 286 Apr 3 10:47 group -r-xr-xr-x 1 user1 other 171396 Apr 3 10:47 ksh -rw-r--r-- 1 user1 other 55 Apr 3 10:47 motd $ ls -l tardis.txt -rw-r--r-- 1 user1 other 29 Apr 3 10:46 tardis.txt $ ls -@ tardis.txt -rw-r--r--@ 1 user1 other 29 Apr 3 10:46 tardis.txt $ $ du -ks tardis.txt 184 tardis.txt
The runat tardis.txt ls -l command is listing the contents of the extended attribute name space associated with tardis.txt, which now contains a copy of three files. Note that the final ls -l tardis.txt doesn't show any difference unless the -@ option is used (displaying "@" in the same place where files with ACLs display "+"). The -@ option is new to ls(1), cp(1), tar(1) and cpio(1). The find(1) command has a -xattr option to find files that have extended attributes. The demonstration also shows that du is extended attribute aware.
Copying the ksh file was deliberate, as it allows us to journey to another world:
$ runat tardis.txt ./ksh cannot access parent directories $ ls -la total 33136 drwxr-xr-x 2 user1 other 180 Apr 3 10:47 . -rw-r--r-- 1 user1 other 16777245 Apr 3 10:52 .. -rw-r--r-- 1 user1 other 286 Apr 3 10:47 group -r-xr-xr-x 1 user1 other 171396 Apr 3 10:47 ksh -rw-r--r-- 1 user1 other 55 Apr 3 10:47 motd $ pwd cannot access parent directories $ cd .. ./ksh: ..: not a directory $ exit
Those security minded readers may imagine many entertaining abuses of extended attributes at this point. The can be turned off if needed, in Solaris 10 a -noxattr UFS mount option was added.