getfattr

Retrieve all extended attributes of a file and display them in a detailed format

$ getfattr [[-d|--dump]] [path/to/file]

$ getfattr [[-n|--name]] user.[attribute_name] [path/to/file]

getfattr [-h] [-d] [-m pattern] [-e en] [-c] [-v] [--only-values] -n name | --all files...

-h
    Help: Display a help message and exit.

-d
    Dump: Dump all attributes of the file. This is equivalent to using the '--all' option.

-m pattern
    Match: Only dump attributes matching the specified pattern. The pattern is a regular expression.

-e en
    Encoding: Encode values after retrieving them. Possible values are 'text', 'hex', 'base64'.

-c
    Derefrence: Dereference symbolic links.

-v
    Version: Display version information and exit.

--only-values
    Only Values: Only display the values of the attributes, without the attribute names.

-n name
    Name: Only display the attribute with the specified name.

--all
    All: Dump all attributes of the file.

files...
    Files: One or more files or directories to retrieve the attributes from.

The getfattr command retrieves extended attributes associated with files and directories in a Linux filesystem. Extended attributes are name:value pairs that allow users and administrators to store metadata beyond the standard attributes like timestamps and permissions. These attributes can be used to store application-specific data, security labels (e.g., SELinux context), access control lists (ACLs), or any other custom metadata. getfattr allows you to view these attributes for one or more files.

The main use case for this command is for debugging and viewing the extended attributes of a file or directory. It's a core utility for anyone administering systems that rely on extended attributes for security, access control, or application functionality. Understanding extended attributes and how to use getfattr is crucial for effective system administration in many Linux environments.

The command requires appropriate file permissions to read the extended attributes. Not all filesystems support extended attributes. On filesystems that do, the attributes need to be enabled. On some systems attributes could be unavailable for all users depending on mount options.

The getfattr command returns 0 on success, and a non-zero value on failure. Common reasons for failure include: insufficient permissions, invalid command-line arguments, or attempting to retrieve attributes from a file or filesystem that does not support them.

getfattr -d myfile: Displays all extended attributes of the file 'myfile'.
getfattr -n user.comment myfile: Displays only the 'user.comment' attribute of the file 'myfile'.
getfattr --only-values -n user.comment myfile: Displays only the value of the 'user.comment' attribute of 'myfile'.

The getfattr command is part of the attr package. This package has been a standard utility on many Linux distributions for managing extended attributes. The concept of extended attributes has been around for a while to allow users to store additional metadata on files and directories. The specific implementation details and the attr package have evolved over time. It's been a stable tool for a long period, widely used across different systems to manage filesystem metadata.

setfattr(1), attr(5)