Extended file attributes

AIX

In AIX, the JFS2 v2 filesystem supports extended attributes, which are accessible using the getea command. The getea, setea, listea, statea, and removeea APIs support fetching, setting, listing, getting information about, and removing extended attributes.

FreeBSD

In FreeBSD 5.0 and later, the UFS1 and UFS2 filesystems support extended attributes, using the extattr_ family of system calls. Any regular file may have a list of extended attributes. Each attribute consists of a name and the associated data. The name must be a null-terminated string, and exists in a namespace identified by a small-integer namespace identifier. Currently, two namespaces exist: user and system. The user namespace has no restrictions with regard to naming or contents. The system namespace is primarily used by the kernel for access control lists and mandatory access control.

Linux

In Linux, the ext2, ext3, ext4, JFS, Squashfs, Yaffs2, ReiserFS, XFS, Btrfs, OrangeFS, Lustre, OCFS2 1.6 and F2FS filesystems support extended attributes (abbreviated xattr) when enabled in the kernel configuration. Any regular file or directory may have extended attributes consisting of a name and associated data. The name must be a null-terminated string prefixed by a namespace identifier and a dot character. Currently, four namespaces exist: user, trusted, security and system. The user namespace has no restrictions with regard to naming or contents. The system namespace is primarily used by the kernel for access control lists. The security namespace is used by SELinux, for example.

Support for the extended attribute concept from a POSIX.1e draft that had been withdrawn in 1997 was added to Linux around 2003. As of 2016, they are not yet in widespread use by user-space Linux programs, but are used by Beagle, OpenStack Swift, Dropbox, KDE's semantic metadata framework (Baloo), Chromium, and cURL. A set of recommendations for using them is available at freedesktop.org.

The Linux kernel allows extended attribute to have names of up to 255 bytes and values of up to 64KiB, as do XFS and ReiserFS, but ext2/3/4 and btrfs impose much smaller limits, requiring all the attributes (names and values) of one file to fit in one 'filesystem block' (usually 4 KiB).

Extended attributes can be accessed and modified using the attr, getfattr and setfattr commands from the attr package, or the lsattr command from e2fsprogs package on most distributions.

macOS

Mac OS X 10.4 and later support extended attributes by making use of the HFS+ filesystem Attributes file B*-tree feature which allows for named forks. Although the named forks in HFS+ support arbitrarily large amounts of data through extents, the OS support for extended attributes only supports inline attributes, limiting their size to that which can fit within a single B*-tree node. Any regular file may have a list of extended attributes. HFS+ supports an arbitrary number of named forks, and it is unknown if macOS imposes any limit on the number of extended attributes. Each attribute consists of a name and the associated data. The name is a null-terminated Unicode string.

The macOS APIs support listing, getting, setting, and removing extended attributes from files or directories. From the command line, these abilities are exposed through the xattr utility.

In recent versions of macOS, files originating from the web are marked with com.apple.quarantine via extended file attributes. In some older versions of macOS (such as Mac OS X 10.6), user space extended attributes were not preserved on save in common Cocoa applications (TextEdit, Preview etc.).

OS/2

In OS/2 version 1.2 and later, the High Performance File System was designed with extended attributes in mind, but support for them was also retro-fitted on the FAT filesystem of DOS. For compatibility with other operating systems using a FAT partition, OS/2 attributes are stored inside a single file "EA DATA. SF" located in the root directory. This file is normally inaccessible when an operating system supporting extended attributes manages the disk, but can be freely manipulated under, for example, DOS. Files and directories having extended attributes use one or more clusters inside this file. The logical cluster number of the first used cluster is stored inside the owning file's or directory's directory entry. These two bytes are used for other purposes on the FAT32 filesystem, and hence OS/2 extended attributes cannot be stored on this filesystem.

Parts of OS/2 version 2.0 and later such as the Workplace Shell uses several standardized extended attributes (also called EAs) for purposes like identifying the filetype, comments, computer icons and keywords about the file. Programs written in the interpreted language Rexx store an already parsed version of the code as an extended attribute, to allow faster execution.

Solaris

Solaris version 9 and later allows files to have "extended attributes", which are actually forks; the maximum size of an "extended attribute" is the same as the maximum size of a file, and they are read and written in the same fashion as files. Internally, they are actually stored and accessed like normal files, so their names cannot contain "/" characters and their ownership and permissions can differ from those of the parent file.

Version 4 of the Network File System supports extended attributes in much the same way as Solaris.

Windows NT

On Windows NT, limited-length extended attributes are supported by FAT, HPFS, and NTFS. This was implemented as part of the OS/2 subsystem. They are notably used by the NFS server of the Interix POSIX subsystem in order to implement Unix-like permissions. The Windows Subsystem for Linux added in the Windows 10 Anniversary Update uses them for similar purposes, storing the Linux file mode, owner, device ID (if applicable), and file times in the extended attributes.

Additionally, NTFS can store infinite-length extended attributes in the form of alternate data streams (ADS), a type of resource fork. The Windows Subsystem for Linux uses these to store Linux file capabilities.