LinuxCommandLibrary

getfattr

Display file's extended attributes

TLDR

Retrieve all extended attributes of a file and display them in a detailed format

$ getfattr [[-d|--dump]] [path/to/file]
copy

Get a specific attribute of a file
$ getfattr [[-n|--name]] user.[attribute_name] [path/to/file]
copy

SYNOPSIS

getfattr [options] [path...]

PARAMETERS

-d, --dump
    Dump names and values of all matching extended attributes

-n name, --name=name
    Display only the value of the named attribute

-m pattern, --match=pattern
    Only include attributes with names matching the shell pattern

-e en, --encoding=en
    Encode values as text or base64 ('text' or 'base64')

-R, --recursive
    Recurse into subdirectories

-L, --dereference
    Dereference symlinks (follow to target)

-h, --no-dereference
    Do not dereference symlinks

--absolute-names
    Use absolute paths in output

--help
    Display help and exit

--version
    Output version information

DESCRIPTION

getfattr is a Linux command-line tool for displaying extended attributes (xattrs) on filesystem objects like files and directories. Extended attributes extend traditional file metadata, allowing storage of additional data in key-value pairs organized into namespaces: user (user-defined, visible to all), trusted (privileged), security (e.g., SELinux labels), and system.

By default, getfattr lists user.* attributes. It supports dumping all matching attributes, querying specific ones, pattern matching, recursion, and output encoding (text or base64 for binary data). This is essential for managing custom metadata, security contexts, or ACLs (though getfacl is preferred for POSIX ACLs).

Common use cases include debugging application-stored metadata, auditing security labels, or scripting attribute verification. It requires filesystems supporting xattrs, such as ext4, XFS, or Btrfs. Privileged attributes need root or appropriate capabilities.

CAVEATS

Only user.* attributes visible to unprivileged users; trusted.* and security.* require root or CAP_SYS_ADMIN. Not all filesystems support xattrs (e.g., FAT lacks them). Binary attributes may need base64 encoding to avoid corruption.

EXAMPLES

getfattr -d file.txt
Dump all user attributes.

getfattr -n user.mime_type -e base64 /path/to/file
Get specific binary attribute.

getfattr -R -m 'security.*' /dir
Recursively list security labels.

HISTORY

Introduced in the attr package by Andreas Gruenbacher around 2000, implementing POSIX.1e draft support for extended attributes on Linux. Widely used since kernel 2.4+ with xattr filesystem patches.

SEE ALSO

setfattr(1), attr(5), getfacl(1), setfacl(1), chattr(1), lsattr(1)

Copied to clipboard