Tar/Extended-File-Attributes
[ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
4.3.2 Extended File Attributes
Extended file attributes are name-value pairs that can be
associated with each node in a file system. Despite the fact that
POSIX.1e draft which proposed them has been withdrawn, the extended
file attributes are supported by many file systems. GNU tar
can
store extended file attributes along with the files. This feature is
controlled by the following command line arguments:
`--xattrs'
Enable extended attributes support. When used with
`--create'
, this option instructs GNUtar
created archive. This implies POSIX.1-2001 archive format (`--format=pax'
).When used with
`--extract'
, this option tellstar
, for each file extracted, to read stored attributes from the archive and to apply them to the file.`--no-xattrs'
Disable extended attributes support. This is the default.
Attribute names are strings prefixed by a namespace name and a dot.
Currently, four namespaces exist: `user'
, `trusted'
,
`security'
and `system'
. By default, when `--xattr'
is used, all names are stored in the archive (or extracted, if using
`--extract'
). This can be controlled using the following
options:
`--xattrs-exclude=pattern'
- Specify exclude pattern for extended attributes.
`--xattrs-include=pattern'
- Specify include pattern for extended attributes.
Here, the pattern
is a globbing pattern. For example, the
following command:
$ tar --xattrs --xattrs-exclude='user.*' -c a.tar . |
will include in the archive `a.tar'
all attributes, except those
from the `user'
namespace.
Any number of these options can be given, thereby creating lists of include and exclude patterns.
When both options are used, first `--xattrs-include'
is applied
to select the set of attribute names to keep, and then
`--xattrs-exclude'
is applied to the resulting set. In other
words, only those attributes will be stored, whose names match one
of the regexps in `--xattrs-include'
and don't match any of
the regexps from `--xattrs-exclude'
.
When listing the archive, if both `--xattrs'
and
`--verbose'
options are given, files that have extended
attributes are marked with an asterisk following their permission
mask. For example:
-rw-r--r--* smith/users 110 2016-03-16 16:07 file |
When two or more `--verbose'
options are given, a detailed
listing of extended attributes is printed after each file entry. Each
attribute is listed on a separate line, which begins with two spaces
and the letter `x'
indicating extended attribute. It is followed
by a colon, length of the attribute and its name, e.g.:
-rw-r--r--* smith/users 110 2016-03-16 16:07 file x: 7 user.mime_type x: 32 trusted.md5sum |
File access control lists (ACL) are another actively used feature proposed by the POSIX.1e standard. Each ACL consists of a set of ACL entries, each of which describes the access permissions on the file for an individual user or a group of users as a combination of read, write and search/execute permissions.
Whether or not to use ACLs is controlled by the following two options:
`--acls'
Enable POSIX ACLs support. When used with
`--create'
, this option instructs GNUtar
to store ACLs in the created archive. This implies POSIX.1-2001 archive format (`--format=pax'
).When used with
`--extract'
, this option tellstar
, to restore ACLs for each file extracted (provided they are present in the archive).`--no-acls'
Disable POSIX ACLs support. This is the default.
When listing the archive, if both `--acls'
and
`--verbose'
options are given, files that have ACLs are marked
with a plus sing following their permission mask. For example:
-rw-r--r--+ smith/users 110 2016-03-16 16:07 file |
When two or more `--verbose'
options are given, a detailed
listing of ACL is printed after each file entry:
-rw-r--r--+ smith/users 110 2016-03-16 16:07 file a: user::rw-,user:gray:-w-,group::r--,mask::rw-,other::r-- |
Security-Enhanced Linux (SELinux for short) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including so-called mandatory access controls (MAC). Support for SELinux attributes is controlled by the following command line options:
`--selinux'
- Enable the SELinux context support.
`--no-selinux'
- Disable SELinux context support.
[ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
This document was generated on February, 23 2019 using texi2html 1.76.