summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDale Rahn <drahn@cvs.openbsd.org>2002-02-22 21:06:02 +0000
committerDale Rahn <drahn@cvs.openbsd.org>2002-02-22 21:06:02 +0000
commit1d92313f073bd55b1a9fce687135131c4fb4ab04 (patch)
treed7ca8e8fd38dcc06f5838d481585cf48c05e41d4
parent8f81909534e584dab7224a602e56410dc5792b0a (diff)
Extended Attribute support, from FreeBSD/TrustedBSD. ok art@ deraadt@
libc support pieces
-rw-r--r--lib/libc/Makefile.inc3
-rw-r--r--lib/libc/posix1e/Makefile.inc11
-rw-r--r--lib/libc/posix1e/extattr.398
-rw-r--r--lib/libc/posix1e/extattr_name.c79
-rw-r--r--lib/libc/posix1e/posix1e.383
-rw-r--r--lib/libc/sys/Makefile.inc14
-rw-r--r--lib/libc/sys/extattr_get_file.2222
7 files changed, 508 insertions, 2 deletions
diff --git a/lib/libc/Makefile.inc b/lib/libc/Makefile.inc
index 27b8e06d65e..46b7d97b43f 100644
--- a/lib/libc/Makefile.inc
+++ b/lib/libc/Makefile.inc
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile.inc,v 1.5 2001/11/20 01:09:38 pvalchev Exp $
+# $OpenBSD: Makefile.inc,v 1.6 2002/02/22 21:06:00 drahn Exp $
#
# This file contains make rules that are shared by libc and libc_r.
#
@@ -49,6 +49,7 @@ AINC+= -nostdinc -idirafter ${DESTDIR}/usr/include
.include "${LIBCSRCDIR}/thread/Makefile.inc"
.include "${LIBCSRCDIR}/time/Makefile.inc"
.include "${LIBCSRCDIR}/sys/Makefile.inc"
+.include "${LIBCSRCDIR}/posix1e/Makefile.inc"
.if (${YP:L} == "yes")
.include "${LIBCSRCDIR}/yp/Makefile.inc"
.endif
diff --git a/lib/libc/posix1e/Makefile.inc b/lib/libc/posix1e/Makefile.inc
new file mode 100644
index 00000000000..500755ec237
--- /dev/null
+++ b/lib/libc/posix1e/Makefile.inc
@@ -0,0 +1,11 @@
+# $OpenBSD: Makefile.inc,v 1.1 2002/02/22 21:06:00 drahn Exp $
+
+.PATH: ${.CURDIR}/../libc/posix1e
+
+SRCS+= extattr_name.c
+
+MAN+= posix1e.3 \
+ extattr.3
+
+MLINKS+= extattr.3 extattr_namespace_to_string.3 \
+ extattr.3 extattr_string_to_namespace.3
diff --git a/lib/libc/posix1e/extattr.3 b/lib/libc/posix1e/extattr.3
new file mode 100644
index 00000000000..f446c3221c8
--- /dev/null
+++ b/lib/libc/posix1e/extattr.3
@@ -0,0 +1,98 @@
+.\" $OpenBSD: extattr.3,v 1.1 2002/02/22 21:06:00 drahn Exp $
+.\"
+.\" Copyright (c) 2001 Dima Dorfman <dd@FreeBSD.org>
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD: extattr.3,v 1.3 2001/10/01 16:09:18 ru Exp $
+.\"
+.Dd June 24, 2001
+.Dt EXTATTR 3
+.Os
+.Sh NAME
+.Nm extattr_namespace_to_string ,
+.Nm extattr_string_to_namespace
+.Nd convert an extended attribute namespace identifier to a string and
+vice versa
+.Sh SYNOPSIS
+.In sys/extattr.h
+.In libutil.h
+.Ft int
+.Fn extattr_namespace_to_string "int attrnamespace" "char **string"
+.Ft int
+.Fn extattr_string_to_namespace "const char *string" "int *attrnamespace"
+.Sh DESCRIPTION
+The
+.Fn extattr_namespace_to_string
+function converts a VFS extended attribute identifier to a human-readable
+string;
+the
+.Fn extattr_string_to_namespace
+function undoes the aforementioned operation,
+and converts a human-readable string representing a namespace to a
+namespace identifier.
+Although a filesystem may implement arbitrary namespaces,
+these functions only support the
+.Dv EXTATTR_NAMESPACE_USER
+.Pq Dq user
+and
+.Dv EXTATTR_NAMESPACE_SYSTEM
+.Pq Dq system
+namespaces,
+which are defined in
+.Xr extattr 9 .
+.Pp
+These functions are meant to be used in error reporting and other
+interactive tasks.
+For example,
+instead of printing the integer identifying an extended attribute in
+an error message,
+a program might use
+.Fn extattr_namespace_to_string
+to obtain a human-readable representation.
+Likewise,
+instead of requiring a user to enter the integer representing a namespace,
+an interactive program might ask for a name and use
+.Fn extattr_string_to_namespace
+to get the desired identifier.
+.Sh RETURN VALUES
+If any of the calls are unsuccessful, the value \-1 is returned
+and the global variable
+.Va errno
+is set to indicate the error.
+.Sh ERRORS
+.Bl -tag -width Er
+.It Bq Er EINVAL
+The requested namespace could not be identified.
+.El
+.Sh SEE ALSO
+.Xr extattr 2 ,
+.Xr getextattr 8 ,
+.Xr setextattr 8 ,
+.Xr extattr 9
+.Sh HISTORY
+Extended attribute support was developed as part of the
+.Tn TrustedBSD
+Project.
+It was developed to support security extensions requiring additional labels
+to be associated with each file or directory.
diff --git a/lib/libc/posix1e/extattr_name.c b/lib/libc/posix1e/extattr_name.c
new file mode 100644
index 00000000000..73496592826
--- /dev/null
+++ b/lib/libc/posix1e/extattr_name.c
@@ -0,0 +1,79 @@
+/* $OpenBSD: extattr_name.c,v 1.1 2002/02/22 21:06:00 drahn Exp $ */
+/*-
+ * Copyright (c) 2001 Robert N. M. Watson
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/*
+__FBSDID("$FreeBSD: extattr.c,v 1.3 2001/09/30 22:35:07 dillon Exp $");
+*/
+
+/*
+ * TrustedBSD: Utility functions for extended attributes.
+ */
+
+#include <sys/types.h>
+#include <sys/extattr.h>
+
+#include <errno.h>
+#include <string.h>
+
+int
+extattr_namespace_to_string(int attrnamespace, char **string)
+{
+
+ switch(attrnamespace) {
+ case EXTATTR_NAMESPACE_USER:
+ if (*string != NULL)
+ *string = strdup(EXTATTR_NAMESPACE_USER_STRING);
+ return (0);
+
+ case EXTATTR_NAMESPACE_SYSTEM:
+ if (*string != NULL)
+ *string = strdup(EXTATTR_NAMESPACE_SYSTEM_STRING);
+ return (0);
+
+ default:
+ errno = EINVAL;
+ return (-1);
+ }
+}
+
+int
+extattr_string_to_namespace(const char *string, int *attrnamespace)
+{
+
+ if (!strcmp(string, EXTATTR_NAMESPACE_USER_STRING)) {
+ if (attrnamespace != NULL)
+ *attrnamespace = EXTATTR_NAMESPACE_USER;
+ return (0);
+ } else if (!strcmp(string, EXTATTR_NAMESPACE_SYSTEM_STRING)) {
+ if (attrnamespace != NULL)
+ *attrnamespace = EXTATTR_NAMESPACE_SYSTEM;
+ return (0);
+ } else {
+ errno = EINVAL;
+ return (-1);
+ }
+}
diff --git a/lib/libc/posix1e/posix1e.3 b/lib/libc/posix1e/posix1e.3
new file mode 100644
index 00000000000..b86cc40068b
--- /dev/null
+++ b/lib/libc/posix1e/posix1e.3
@@ -0,0 +1,83 @@
+.\" $OpenBSD: posix1e.3,v 1.1 2002/02/22 21:06:00 drahn Exp $
+.\"-
+.\" Copyright (c) 2000 Robert N. M. Watson
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD: src/lib/libc/posix1e/posix1e.3,v 1.19 2001/09/11 09:26:38 ru Exp $
+.\"
+.Dd January 17, 2000
+.Dt POSIX1E 3
+.Os
+.Sh NAME
+.Nm posix1e
+.Nd introduction to the POSIX.1e security API
+.Sh LIBRARY
+.Lb libc
+.Sh SYNOPSIS
+.In sys/types.h
+.Sh DESCRIPTION
+The IEEE POSIX.1e specification never left draft form, but the interfaces
+it describes are now widely used despite inherent limitations. Currently,
+only a few of the interfaces and features are implemented in
+.Ox ,
+although efforts are underway to complete the integration at this time.
+.Pp
+POSIX.1e describes five security extensions to the base POSIX.1 API:
+Access Control Lists (ACLs), Auditing, Capabilities, Mandatory Access
+Control, and Information Flow Labels.
+.Pp
+POSIX.1e defines both syntax and semantics for these features, but fairly
+substantial changes are required to implement these features in the
+operating system.
+.Sh IMPLEMENTATION NOTES
+.Fx Ns 's
+support for POSIX.1e interfaces and features is still under
+development at this time.
+.Sh ENVIRONMENT
+POSIX.1e assigns security labels to all objects, extending the security
+functionality described in POSIX.1. These additional labels provide
+fine-grained discretionary access control, fine-grained capabilities,
+and labels necessary for mandatory access control. POSIX.2c describes
+a set of userland utilities for manipulating these labels.
+.Sh FILES
+.Sh SEE ALSO
+.Xr extattr 9
+.Sh STANDARDS
+POSIX.1e is described in IEEE POSIX.1e draft 17. Discussion
+of the draft continues on the cross-platform POSIX.1e implementation
+mailing list. To join this list, see the
+.Ox
+POSIX.1e implementation
+page for more information.
+.Sh HISTORY
+POSIX.1e support was introduced in
+.Ox 3.1
+and development continues.
+.Sh AUTHORS
+.An Robert N M Watson
+.An Chris D. Faulhaber
+.An Thomas Moestl
+.An Ilmar S Habibulin
+.Sh BUGS
+These features are not yet fully implemented.
diff --git a/lib/libc/sys/Makefile.inc b/lib/libc/sys/Makefile.inc
index 1505d12c36c..365a30a28b1 100644
--- a/lib/libc/sys/Makefile.inc
+++ b/lib/libc/sys/Makefile.inc
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile.inc,v 1.50 2002/02/21 21:19:20 art Exp $
+# $OpenBSD: Makefile.inc,v 1.51 2002/02/22 21:06:01 drahn Exp $
# $NetBSD: Makefile.inc,v 1.35 1995/10/16 23:49:07 jtc Exp $
# @(#)Makefile.inc 8.1 (Berkeley) 6/17/93
@@ -61,6 +61,10 @@ ASM= accept.o access.o acct.o adjtime.o bind.o chdir.o chflags.o chmod.o \
utimes.o vadvise.o wait4.o write.o writev.o xfspioctl.o __semctl.o \
__syscall.o __sysctl.o
+ASM+= extattrctl.o extattr_set_file.o extattr_get_file.o \
+ extattr_delete_file.o extattr_set_fd.o extattr_get_fd.o \
+ extattr_delete_fd.o
+
GASM= ${ASM:.o=.go}
PASM= ${ASM:.o=.po}
SASM= ${ASM:.o=.so}
@@ -226,6 +230,14 @@ MAN+= accept.2 access.2 acct.2 adjtime.2 bind.2 brk.2 chdir.2 chflags.2 \
sysarch.2 syscall.2 truncate.2 umask.2 unlink.2 utimes.2 vfork.2 \
wait.2 write.2
+MAN+= extattr_get_file.2
+MLINKS+=extattr_get_file.2 extattr_set_file.2 \
+ extattr_get_file.2 extattr_delete_file.2 \
+ extattr_get_file.2 extattr_get_fd.2 \
+ extattr_get_file.2 extattr_set_fd.2 \
+ extattr_get_file.2 extattr_delete_fd.2 \
+ extattr_get_file.2 extattr.2
+
MAN+= msgctl.2 shmctl.2 shmat.2 semop.2 semget.2 semctl.2 msgsnd.2 msgrcv.2 \
msgget.2 shmget.2
diff --git a/lib/libc/sys/extattr_get_file.2 b/lib/libc/sys/extattr_get_file.2
new file mode 100644
index 00000000000..c20699875a7
--- /dev/null
+++ b/lib/libc/sys/extattr_get_file.2
@@ -0,0 +1,222 @@
+.\" $OpenBSD: extattr_get_file.2,v 1.1 2002/02/22 21:06:01 drahn Exp $
+.\"
+.\" Copyright (c) 2001 Dima Dorfman <dima@unixfreak.org>
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD: extattr_get_file.2,v 1.7 2002/02/10 04:46:28 rwatson Exp $
+.\"
+.Dd March 28, 2001
+.Dt EXTATTR 2
+.Os
+.Sh NAME
+.Nm extattr_get_fd ,
+.Nm extattr_set_fd ,
+.Nm extattr_delete_fd ,
+.Nm extattr_get_file ,
+.Nm extattr_set_file ,
+.Nm extattr_delete_file
+.Nd system calls to manipulate VFS extended attributes
+.Sh LIBRARY
+.Lb libc
+.Sh SYNOPSIS
+.In sys/types.h
+.In sys/extattr.h
+.In sys/uio.h
+.Ft ssize_t
+.Fn extattr_get_fd "int fd" "int attrnamespace" "const char *attrname" "void *data" "size_t nbytes"
+.Ft int
+.Fn extattr_set_fd "int fd" "int attrnamespace" "const char *attrname" "const void *data" "size_t nbytes"
+.Ft int
+.Fn extattr_delete_fd "int fd" "int attrnamespace" "const char *attrname"
+.Ft ssize_t
+.Fn extattr_get_file "const char *path" "int attrnamespace" "const char *attrname" "void *data" "size_t nbytes"
+.Ft int
+.Fn extattr_set_file "const char *path" "int attrnamespace" "const char *attrname" "const void *data" "size_t nbytes"
+.Ft int
+.Fn extattr_delete_file "const char *path" "int attrnamespace" "const char *attrname"
+.Sh DESCRIPTION
+Named extended attributes are meta-data associated with vnodes
+representing files and directories.
+They exist as
+.Qq Li name=value
+pairs within a set of namespaces.
+The
+.Fn extattr_get_file
+call retrieves the value of the specified extended attribute into
+a buffer pointed to by
+.Fa data
+of size
+.Fa nbytes
+.
+The
+.Fn extattr_set_file
+call sets the value of the specified extended attribute to the data
+described by
+.Fa data .
+The
+.Fn extattr_delete_file
+call deletes the extended attribute specified.
+The
+.Fn extattr_get_file
+and
+.Fn extattr_set_file
+calls consume the
+.Fa data
+and
+.Fa nbytes
+arguments in the style of
+.Xr read 2
+and
+.Xr write 2 ,
+respectively.
+If
+.Fa data
+is
+.Dv NULL
+in a call to
+.Fn extattr_get_file
+then the size of defined extended attribute data will be returned, rather
+than the quantity read, permitting applications to test the size of the
+data without performing a read.
+.Pp
+The
+.Fn extatttr_get_fd ,
+.Fn extattr_set_fd ,
+and
+.Fn extattr_delete_fd
+calls are identical to their
+.Qq Li _file
+counterparts except for the first argument.
+The
+.Qq Li _fd
+functions take a file descriptor, while the
+.Qq Li _file
+functions take a path.
+Both arguments describe a file associated with the extended attribute
+that should be manipulated.
+.Pp
+The following arguments are common to all the system calls described here:
+.Bl -tag -width attrnamespace
+.It Fa attrnamespace
+the namespace in which the extended attribute resides; see
+.Xr extattr 9
+.It Fa attrname
+the name of the extended attribute
+.El
+.Pp
+Named extended attribute semantics vary by filesystem implementing the call.
+Not all operations may be supported for a particular attribute.
+Additionally, the format of the data in
+.Fa data
+is attribute-specific.
+.Pp
+For more information on named extended attributes, please see
+.Xr extattr 9 .
+.Sh CAVEAT
+This interface is under active development, and as such is subject to
+change as applications are adapted to use it.
+Developers are discouraged from relying on its stability.
+.Sh RETURN VALUES
+If successful, the
+.Fn extattr_get_file
+and
+.Fn extattr_set_file
+calls return the number of bytes
+that were read or written from the
+.Fa data ,
+respectively, or if
+.Fa data
+was
+.Dv NULL ,
+then
+.Fn extattr_get_file
+returns the number of bytes available to read.
+If any of the calls are unsuccessful, the value \-1 is returned
+and the global variable
+.Va errno
+is set to indicate the error.
+.Pp
+.Rv -std extattr_delete_file
+.Sh ERRORS
+The following errors may be returned by the system calls themselves.
+Additionally, the filesystem implementing the call may return any
+other errors it desires.
+.Bl -tag -width Er
+.It Bq Er EFAULT
+.Fa attrnamespace ,
+.Fa attrname ,
+or the memory range defined by
+.Fa data
+and
+.Fa nbytes
+points outside the process's allocated address space.
+.It Bq Er ENAMETOOLONG
+The attribute name was longer than
+.Dv EXTATTR_MAXNAMELEN .
+.El
+.Pp
+The
+.Fn extattr_get_fd ,
+.Fn extattr_set_fd ,
+and
+.Fn extattr_delete_fd
+functions may also fail if:
+.Bl -tag -width Er
+.It Bq Er EBADF
+The file descriptor referenced by
+.Fa fd
+was invalid.
+.El
+.Pp
+Additionally, the
+.Fn extattr_get_file ,
+.Fn extattr_set_file ,
+and
+.Fn extattr_delete_file
+calls may also fail due to the following errors:
+.Bl -tag -width Er
+.It Bq Er ENOTDIR
+A component of the path prefix is not a directory.
+.It Bq Er ENAMETOOLONG
+A component of a pathname exceeded 255 characters,
+or an entire path name exceeded 1023 characters.
+.It Bq Er ENOENT
+A component of the path name that must exist does not exist.
+.It Bq Er EACCES
+Search permission is denied for a component of the path prefix.
+.\" XXX are any missing?
+.El
+.Sh SEE ALSO
+.Xr extattr 3 ,
+.Xr extattrctl 8 ,
+.Xr getextattr 8 ,
+.Xr setextattr 8 ,
+.Xr extattr 9 ,
+.Sh HISTORY
+Extended attribute support was developed as part of the
+.Tn TrustedBSD
+Project, and introduced in
+.Ox 3.1 .
+It was developed to support security extensions requiring additional labels
+to be associated with each file or directory.