Start of change

xattr

Read syntax diagramSkip visual syntax diagramxattrsubcommandpathnameattrnameattrval

Function

xattr provides an alternative interface to some of the attributes that can be manipulated with chattr or queried with stat.

xattr and lxattr handle symlinks differently. For lxattr, the link itself is acted upon, while in xattr, the target of the link is used. xattr has limitations on attribute handling for symlink; for more information, see the usage notes.

Parameters

subcommand
The extended attributes function to be performed. You can use the following values:
create
If the attribute that was specified by attrname is not set, then the attribute is set to attrval. If the attribute is already set, an error message is displayed.
get
Obtains the value of the attribute that was specified by attrname into attrval.
list
Obtains a list of all attributes set on the path name into attrval.
remove
Removes the attribute that was specified by attrname.
replace
If the attribute that was specified by attrname is set, then it is replaced. If the attribute is not set, an error message is displayed.
set
Sets the attribute that was specified by attrname to the attrval value.
pathname
Path name of the file or directory.
attrname
Attribute name. Omit this parameter when the list function is requested.
attrval
Attribute value. For set, create, and replace, an input parameter that contains the value to be set. For get, an output parameter to receive the value. For list, an output parameter to receive the list of names. Omit this parameter for remove.

Usage notes

  1. For a list of attribute names, see the table in Changing extended attributes in z/OS UNIX System Services Programming: Assembler Callable Services Reference.
  2. Some of the attributes that are changed by the xattr service can also be changed by other services.
  3. If you are changing the mode, the effective UID of the calling process must match the file's owner UID, or the caller must have appropriate privileges. Setting the set-group-ID-on-execution permission (in mode) means that when this file is run (through the exec service), the effective GID of the caller is set to the file's owner GID. This way, the caller seems to be running under the GID of the file, rather than that of the actual invoker.
    The set-group-ID-on-execution permission is set to zero if both of the following statements are true:
    • The caller does not have appropriate privileges.
    • The GID of the file's owner does not match the effective GID, or one of the supplementary GIDs, of the caller.

    Setting the set-user-ID-on-execution permission (in mode) means that when this file is run, the process's effective UID is set to the file's owner UID. This way, the process seems to be running under the UID of the file's owner, rather than that of the actual invoker.

  4. When you are changing the owner UID of a file, the caller must have appropriate privileges. If you are changing the owner GID of a file, the caller must have appropriate privileges or meet all of these conditions:
    • The effective UID of the caller matches the file's owner UID.
    • The owner UID value that is specified in the change request matches the file's owner UID.
    • The GID value that is specified in the change request is the effective GID, or one of the supplementary GIDs, of the caller.
  5. For general attribute bits to be changed, the calling process must have write permission for the file.
  6. If you are changing the file size:
    • The change is made beginning from the first byte of the file. If the file was previously larger than the new size, the data from file_size to the original end of the file is removed. If the file was previously shorter than file_size, bytes between the old and new lengths are read as zeros. The file offset is not changed.
    • If file_size is greater than the current file size limit for the process, the request fails with EFBIG, and the SIGXFSZ signal is generated for the process.
    • Successful change clears the set-user-ID, the set-group-ID, and the save-text (sticky bit) attributes of the file, unless the caller is a superuser.
  7. If you are changing the times:
    • For the access time or the modification time to be set explicitly (with either st_atime or st_mtime with the new time), the effective ID must match that of the file's owner or the process must have appropriate privileges.
    • For the access time or modification time to be set to the current time (with either st_atime or st_mtime with -1), the effective ID must match that of the file's owner. In addition, the calling process must have write permission for the file or the process must have appropriate privileges.
    • For the change time or the reference time to be set explicitly (with either st_ctime or st_rtime with the new time), the effective ID must match that of the file's owner or the process must have appropriate privileges.
    • For the change time or reference time to be set to the current time (with either st_ctime or st_rtime with -1), the calling process must have write permission for the file.
    • When any attribute field is changed successfully, the file's change time is also updated.
  8. For auditor audit flags to be changed, the user must have auditor authority. The user with auditor authority can set the auditor options for any file, even for the ones that they do not have path access or authority to use for other purposes.

    Auditor authority is established by issuing the TSO/E command ALTUSER AUDITOR.

  9. For the user audit flags to be changed, the user must have appropriate privileges or be the owner of the file.
  10. The tagging of /dev/null, /dev/zero, /dev/random, and /dev/urandom is ignored.
End of change