authordrahn <drahn@openbsd.org>2002-02-22 21:09:06 +0000
committerdrahn <drahn@openbsd.org>2002-02-22 21:09:06 +0000
commit1eb063c497271e53ce50fbb6c581bae050c22c47 (patch)
treed309ba1cd28470291c9a3cf8b3f86e4836025725
parentExtended Attribute support, from FreeBSD/TrustedBSD. ok art@ deraadt@ (diff)
Extended Attribute support, from FreeBSD/TrustedBSD. ok art@ deraadt@
-rw-r--r--share/man/man4/options.44
-rw-r--r--share/man/man9/Makefile3
-rw-r--r--share/man/man9/extattr.988
-rw-r--r--usr.sbin/extattrctl/Makefile6
-rw-r--r--usr.sbin/extattrctl/extattrctl.8167
-rw-r--r--usr.sbin/extattrctl/extattrctl.c227
-rw-r--r--usr.sbin/getextattr/Makefile6
-rw-r--r--usr.sbin/getextattr/getextattr.8107
-rw-r--r--usr.sbin/getextattr/getextattr.c146
-rw-r--r--usr.sbin/setextattr/Makefile6
-rw-r--r--usr.sbin/setextattr/setextattr.884
-rw-r--r--usr.sbin/setextattr/setextattr.c72
12 files changed, 914 insertions, 2 deletions
diff --git a/share/man/man4/options.4 b/share/man/man4/options.4
index 9a60c37c26d..f95e0c8cda1 100644
--- a/share/man/man4/options.4
+++ b/share/man/man4/options.4
@@ -1,4 +1,4 @@
-.\" $OpenBSD: options.4,v 1.93 2002/02/14 22:57:46 art Exp $
+.\" $OpenBSD: options.4,v 1.94 2002/02/22 21:13:18 drahn Exp $
.\" $NetBSD: options.4,v 1.21 1997/06/25 03:13:00 thorpej Exp $
.\"
.\" Copyright (c) 1998 Theo de Raadt
@@ -514,6 +514,8 @@ With this option, only the superuser can set them, and they can't be cleared
if the securelevel is greater than 0.
See also
.Xr chflags 1 .
+.It Cd option UFS_EXTATTR
+This option enables Extended Attribute support for UFS filesystems.
.El
.Ss Miscellaneous Options
.Bl -ohang
diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile
index cf55472dd97..e2269294371 100644
--- a/share/man/man9/Makefile
+++ b/share/man/man9/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.46 2002/02/15 02:01:01 art Exp $
+# $OpenBSD: Makefile,v 1.47 2002/02/22 21:13:18 drahn Exp $
# $NetBSD: Makefile,v 1.4 1996/01/09 03:23:01 thorpej Exp $
# Makefile for section 9 (kernel function and variable) manual pages.
@@ -6,6 +6,7 @@
MAN= altq.9 audio.9 boot.9 bus_dma.9 bus_space.9 copy.9 crypto.9 ctxsw.9 \
disk.9 disklabel.9 \
dohooks.9 dopowerhooks.9 doshutdownhooks.9 dostartuphooks.9 \
+ extattr.9 \
fetch.9 fork1.9 extent.9 \
hardclock.9 hook_establish.9 hz.9 hzto.9 intro.9 inittodr.9 log.9 \
kthread.9 malloc.9 mbuf.9 mbuf_tags.9 md5.9 microtime.9 \
diff --git a/share/man/man9/extattr.9 b/share/man/man9/extattr.9
new file mode 100644
index 00000000000..f8e59fce780
--- /dev/null
+++ b/share/man/man9/extattr.9
@@ -0,0 +1,88 @@
+.\"-
+.\" Copyright (c) 1999, 2000, 2001 Robert N. M. Watson
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD: extattr.9,v 1.9 2001/10/01 16:09:24 ru Exp $
+.\"
+.Dd December 23, 1999
+.Os
+.Dt EXTATTR 9
+.Sh NAME
+.Nm extattr
+.Nd virtual file system named extended attributes
+.Sh SYNOPSIS
+.In sys/param.h
+.In sys/vnode.h
+.In sys/extattr.h
+.Sh DESCRIPTION
+Named extended attributes allow additional meta-data to be associated
+with vnodes representing files and directories.
+The semantics of this additional data is that of a "name=value" pair, where
+a name may be defined or undefined, and if defined, associated with zero or
+more bytes of arbitrary binary data.
+Extended attribute names exist within a set of namespaces; each operation
+on an extended attribute is required to provide the namespace to which to
+operation refers.
+If the same name is present in multiple namespaces, the extended attributes
+associated with the names are stored and manipulated independently.
+The following two namespaces are defined universally, although individual
+file systems may implement additional namespaces, or not implement
+these namespaces:
+.Dv EXTATTR_NAMESPACE_USER ,
+.Dv EXTATTR_NAMESPACE_SYSTEM .
+The semantics of these attributes are intended to be as follows: user
+attribute data is protected according the normal discretionary
+and mandatory protections associated with the data in the file or
+directory; system attribute data is protected such that appropriate
+privilege is required to directly access or manipulate these attributes.
+.Pp
+Reads of extended attribute data may return specific contiguous regions of
+the meta-data, in the style of
+.Xr VOP_READ 9 ,
+but writes will replace the entire current "value" associated with
+a given name.
+As there are a plethora of file systems with differing extended attributes,
+availability and functionality of these functions may be limited, and they
+should be used with awareness of the underlying semantics of the supporting
+file system.
+Authorization schemes for extended attribute data may also vary by file
+system, as well as maximum attribute size, and whether or not any or
+specific new attributes may be defined.
+.Pp
+Extended attributes are named using a null-terminated character string.
+Depending on underlying file system semantics, this name may or may not be
+case-sensitive. Appropriate vnode extended attribute calls are:
+.Xr VOP_GETEXTATTR 9
+and
+.Xr VOP_SETEXTATTR 9 .
+.Sh AUTHORS
+This man page was written by
+.An Robert Watson .
+.Sh BUGS
+In addition, the interface does not provide a mechanism to retrieve
+the current set of available attributes; it has been suggested that
+providing a
+.Dv NULL
+attribute name should cause a list of defined attributes for the passed file
+or directory, but this is not currently implemented.
diff --git a/usr.sbin/extattrctl/Makefile b/usr.sbin/extattrctl/Makefile
new file mode 100644
index 00000000000..c86b6997d8f
--- /dev/null
+++ b/usr.sbin/extattrctl/Makefile
@@ -0,0 +1,6 @@
+# $OpenBSD: Makefile,v 1.1 2002/02/22 21:09:06 drahn Exp $
+
+PROG= extattrctl
+MAN= extattrctl.8
+
+.include <bsd.prog.mk>
diff --git a/usr.sbin/extattrctl/extattrctl.8 b/usr.sbin/extattrctl/extattrctl.8
new file mode 100644
index 00000000000..4d92e6b656c
--- /dev/null
+++ b/usr.sbin/extattrctl/extattrctl.8
@@ -0,0 +1,167 @@
+.\" $OpenBSD: extattrctl.8,v 1.1 2002/02/22 21:09:06 drahn Exp $
+.\"-
+.\" Copyright (c) 2000, 2001 Robert N. M. Watson
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD: extattrctl.8,v 1.17 2001/07/09 09:54:16 dd Exp $
+.\"
+.Dd March 30, 2000
+.Dt EXTATTRCTL 8
+.Os
+.Sh NAME
+.Nm extattrctl
+.Nd manage FFS extended attributes
+.Sh SYNOPSIS
+.Nm
+.Cm start
+.Ar path
+.Nm
+.Cm stop
+.Ar path
+.Nm
+.Cm initattr
+.Op Fl f
+.Op Fl p Ar path
+.Ar attrsize
+.Ar attrfile
+.Nm
+.Cm enable
+.Ar path
+.Ar attrnamespace
+.Ar attrname
+.Ar attrfile
+.Nm
+.Cm disable
+.Ar path
+.Ar attrnamespace
+.Ar attrname
+.Sh DESCRIPTION
+.Nm
+is the management utility for extended attributes over the FFS file system.
+.Nm
+allows the starting and stopping of extended attributes on a file system,
+as well as initialization of attribute backing files, and enabling and
+disabling of specific extended attributes on a file system.
+.Pp
+The first argument on the command line indicates the operation to be
+performed.
+Operation must be one of the following:
+.Bl -tag -width indent
+.It Cm start Ar path
+Start extended attribute support on the file system named using
+.Ar path .
+The file system must be an FFS file system, and the UFS_EXTATTR kernel
+option must have been enabled.
+.It Cm stop Ar path
+Stop extended attribute support on the file system named using
+.Ar path .
+Extended attribute support must previously have been started.
+.It Xo
+.Cm initattr
+.Op Fl f
+.Op Fl p Ar path
+.Ar attrsize attrfile
+.Xc
+Create and initialize a file to use as an attribute backing file.
+You must specify a maximum per-inode size for the attribute in bytes in
+.Ar attrsize ,
+as well as the file where the attribute will be stored, using
+.Ar attrfile .
+.Pp
+The
+.Fl f
+argument may be used to indicate that it is alright to overwrite an
+existing attribute backing file; otherwise, if the target file exists,
+an error will be returned.
+.Pp
+The
+.Fl p Ar path
+argument may be used to preallocate space for all attributes rather than
+relying on sparse files to conserve space.
+This has the advantage of guaranteeing that space will be available
+for attributes when they are written, preventing low disk space conditions
+from denying attribute service.
+.Pp
+This file should not exist before running
+.Cm initattr .
+.It Cm enable Ar path attrnamespace attrname attrfile
+Enable an attribute named
+.Ar attrname
+in the namespace
+.Ar attrnamespace
+on the file system identified using
+.Ar path ,
+and backed by initialized attribute file
+.Ar attrfile .
+Available namespaces are "user" and "system".
+The backing file must have been initialized using
+.Cm initattr
+before its first use.
+Attributes must have been started on the file system prior to the
+enabling of any attributes.
+.It Cm disable Ar path attrnamespace attrname
+Disable the attributed named
+.Ar attrname
+in namespace
+.Ar attrnamespace
+on the file system identified by
+.Ar path .
+Available namespaces are "user" and "system".
+The file system must have attributes started on it, and the attribute
+most have been enabled using
+.Cm enable .
+.El
+.Sh EXAMPLES
+.Dl extattrctl start /
+.Pp
+Start extended attributes on the root file system.
+.Pp
+.Dl extattrctl initattr 17 /.attribute/md5
+.Pp
+Create an attribute backing file in /.attribute/md5, and set the maximum
+size of each attribute to 17 bytes, with a sparse file used for storing
+the attributes.
+.Pp
+.Dl extattrctl enable / system md5 /.attribute/md5
+.Pp
+Enable an attribute named md5 on the root file system, backed from the file
+/.attribute/md5.
+.Pp
+.Dl extattrctl disable / md5
+.Pp
+Disable the attribute named md5 on the root file system.
+.Pp
+.Dl extattrctl stop /
+.Pp
+Stop extended attributes on the root file system.
+.Sh SEE ALSO
+.Xr getextattr 8 ,
+.Xr setextattr 8 ,
+.Xr extattr 9
+.Sh HISTORY
+Extended attribute support was developed as part of the TrustedBSD Project.
+It was developed to support security extensions requiring additional labels
+to be associated with each file or directory.
+.Sh AUTHORS
+Robert N M Watson
diff --git a/usr.sbin/extattrctl/extattrctl.c b/usr.sbin/extattrctl/extattrctl.c
new file mode 100644
index 00000000000..bc493060cca
--- /dev/null
+++ b/usr.sbin/extattrctl/extattrctl.c
@@ -0,0 +1,227 @@
+/* $OpenBSD: extattrctl.c,v 1.1 2002/02/22 21:09:06 drahn Exp $ */
+/*-
+ * Copyright (c) 1999, 2000, 2001 Robert N. M. Watson
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD: extattrctl.c,v 1.13 2001/03/19 06:00:41 rwatson Exp $
+ */
+/*
+ * TrustedBSD Project - extended attribute support for UFS-like file systems
+ */
+
+#include <sys/types.h>
+#include <sys/uio.h>
+#include <sys/extattr.h>
+#include <sys/param.h>
+#include <sys/mount.h>
+
+#include <ufs/ufs/extattr.h>
+
+#include <errno.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+extern char *optarg;
+extern int optind;
+
+void
+usage(void)
+{
+
+ fprintf(stderr,
+ "usage:\n"
+ " extattrctl start [path]\n"
+ " extattrctl stop [path]\n"
+ " extattrctl initattr [-f] [-p path] [attrsize] [attrfile]\n"
+ " extattrctl enable [path] [attrnamespace] [attrname] [attrfile]\n"
+ " extattrctl disable [path] [attrnamespace] [attrname]\n");
+ exit(1);
+}
+
+long
+num_inodes_by_path(char *path)
+{
+ struct statfs buf;
+ int error;
+
+ error = statfs(path, &buf);
+ if (error) {
+ perror("statfs");
+ return (-1);
+ }
+ printf("num files %d\n");
+
+ return (buf.f_files);
+}
+
+int
+initattr(int argc, char *argv[])
+{
+ struct ufs_extattr_fileheader uef;
+ char *fs_path = NULL;
+ char *zero_buf = NULL;
+ long loop, num_inodes;
+ int ch, i, error, chunksize, overwrite = 0, flags;
+
+ optind = 0;
+ while ((ch = getopt(argc, argv, "fp:r:w:")) != -1)
+ switch (ch) {
+ case 'f':
+ overwrite = 1;
+ break;
+ case 'p':
+ if ((fs_path = strdup(optarg)) == NULL) {
+ perror("strdup");
+ return(-1);
+ }
+ break;
+ case '?':
+ default:
+ usage();
+ }
+
+ argc -= optind;
+ argv += optind;
+
+ if (argc != 2)
+ usage();
+
+ if (overwrite)
+ flags = O_CREAT | O_WRONLY;
+ else
+ flags = O_CREAT | O_EXCL | O_WRONLY;
+
+ error = 0;
+ if ((i = open(argv[1], flags, 0600)) != -1) {
+ uef.uef_magic = UFS_EXTATTR_MAGIC;
+ uef.uef_version = UFS_EXTATTR_VERSION;
+ uef.uef_size = atoi(argv[0]);
+ if (write(i, &uef, sizeof(uef)) == -1)
+ error = -1;
+ else if (fs_path) {
+ chunksize = sizeof(struct ufs_extattr_header) +
+ uef.uef_size;
+ zero_buf = (char *) (malloc(chunksize));
+ if (zero_buf == NULL) {
+ perror("malloc");
+ unlink(argv[1]);
+ return (-1);
+ }
+ memset(zero_buf, 0, chunksize);
+ num_inodes = num_inodes_by_path(fs_path);
+ for (loop = 0; loop < num_inodes; loop++) {
+ error = write(i, zero_buf, chunksize);
+ if (error != chunksize) {
+ perror("write");
+ unlink(argv[1]);
+ return (-1);
+ }
+ }
+ }
+ }
+ if (i == -1) {
+ /* unable to open file */
+ perror(argv[1]);
+ return (-1);
+ }
+ if (error == -1) {
+ perror(argv[1]);
+ unlink(argv[1]);
+ return (-1);
+ }
+
+ return (0);
+}
+
+int
+main(int argc, char **argv)
+{
+ int error = 0, attrnamespace;
+
+ if (argc < 2)
+ usage();
+
+ if (!strcmp(argv[1], "start")) {
+ if (argc != 3)
+ usage();
+ error = extattrctl(argv[2], UFS_EXTATTR_CMD_START, NULL, 0,
+ NULL);
+ if (error) {
+ perror("extattrctl start");
+ return (1);
+ }
+ return (0);
+ } else if (!strcmp(argv[1], "stop")) {
+ if (argc != 3)
+ usage();
+ error = extattrctl(argv[2], UFS_EXTATTR_CMD_STOP, NULL, 0,
+ NULL);
+ if (error) {
+ perror("extattrctl stop");
+ return (1);
+ }
+ return (0);
+ } else if (!strcmp(argv[1], "enable")) {
+ if (argc != 6)
+ usage();
+ error = extattr_string_to_namespace(argv[3], &attrnamespace);
+ if (error) {
+ perror("extattrctl enable");
+ return (1);
+ }
+ error = extattrctl(argv[2], UFS_EXTATTR_CMD_ENABLE, argv[5],
+ attrnamespace, argv[4]);
+ if (error) {
+ perror("extattrctl enable");
+ return (1);
+ }
+ return (0);
+ } else if (!strcmp(argv[1], "disable")) {
+ if (argc != 5)
+ usage();
+ error = extattr_string_to_namespace(argv[3], &attrnamespace);
+ if (error) {
+ perror("extattrctl disable");
+ return (1);
+ }
+ error = extattrctl(argv[2], UFS_EXTATTR_CMD_DISABLE, NULL,
+ attrnamespace, argv[4]);
+ if (error) {
+ perror("extattrctl disable");
+ return (1);
+ }
+ return (0);
+ } else if (!strcmp(argv[1], "initattr")) {
+ argc -= 2;
+ argv += 2;
+ error = initattr(argc, argv);
+ if (error)
+ return (1);
+ return (0);
+ } else
+ usage();
+}
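Review bot: In initattr(), `uef.uef_size = atoi(argv[0]);` takes attrsize from the command line with no validation, so non-numeric or negative input is written into the backing-file header and feeds the `int chunksize` that is passed to malloc(), memset() and write(). Parsing it with strtol() before the open() call rejects a bad value without creating the file; the upper bound below needs <limits.h> for INT_MAX and should be tightened if `uef_size` (declared outside this diff) is narrower than int. Separately, `printf("num files %d\n");` in num_inodes_by_path() has a conversion with no matching argument, which is undefined behaviour; it looks like leftover debug output and could be dropped or given `buf.f_files` with a matching format. When statfs() fails that function returns -1, the preallocation loop then runs zero times, and initattr() still returns 0, so `-p` can silently produce a sparse file.

```c
	char *ep;
	long attrsize;

	/* … unchanged: getopt loop, argc check … */

	errno = 0;
	attrsize = strtol(argv[0], &ep, 10);
	if (ep == argv[0] || *ep != '\0' || errno == ERANGE ||
	    attrsize < 0 ||
	    attrsize > INT_MAX - (long)sizeof(struct ufs_extattr_header)) {
		fprintf(stderr, "%s: invalid attribute size\n", argv[0]);
		return (-1);
	}

	/* … unchanged: flags selection, open() … */
		uef.uef_size = attrsize;
```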
diff --git a/usr.sbin/getextattr/Makefile b/usr.sbin/getextattr/Makefile
new file mode 100644
index 00000000000..fefa878b72a
--- /dev/null
+++ b/usr.sbin/getextattr/Makefile
@@ -0,0 +1,6 @@
+# $OpenBSD: Makefile,v 1.1 2002/02/22 21:10:30 drahn Exp $
+
+PROG= getextattr
+MAN= getextattr.8
+
+.include <bsd.prog.mk>
diff --git a/usr.sbin/getextattr/getextattr.8 b/usr.sbin/getextattr/getextattr.8
new file mode 100644
index 00000000000..e5a1ae55b6e
--- /dev/null
+++ b/usr.sbin/getextattr/getextattr.8
@@ -0,0 +1,107 @@
+.\" $OpenBSD: getextattr.8,v 1.1 2002/02/22 21:10:30 drahn Exp $
+.\"-
+.\" Copyright (c) 2000, 2001, 2002 Robert N. M. Watson
+.\" All rights reserved.
+.\"
+.\" This software was developed by Robert Watson for the TrustedBSD
+.\" Project.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD: getextattr.8,v 1.13 2002/02/10 06:13:14 rwatson Exp $
+.\"
+.Dd March 30, 2000
+.Dt GETEXTATTR 8
+.Os
+.Sh NAME
+.Nm getextattr
+.Nd retrieve a named extended attribute
+.Sh SYNOPSIS
+.Nm
+.Op Fl ls
+.Ar attrnamespace
+.Ar attrname
+.Ar filename ...
+.Sh DESCRIPTION
+.Nm
+is a user tool to retrieve a named extended attribute on a file or
+directory.
+The
+.Ar attrnamespace
+argument should be the namespace of the attribute to retrieve: legal
+values are "user" and "system".
+The
+.Ar attrname
+argument should be the name of the attribute, and
+.Ar filename
+a list of files and directories from which to retrieve attribute data.
+.Pp
+The following options are available:
+.Bl -tag -width indent
+.It Fl l
+Print attributes in the first column and file names in the second.
+Can be used only in conjunction with the
+.Fl s
+option.
+.It Fl s
+Attempt to display the attribute data as a string, although the
+results may not look pretty if the data is binary data.
+The
+.Xr strvisx 3
+function is used to generate the string, so control sequences should
+be safely escaped.
+Otherwise, the attribute data will be represented as a series of two-digit
+hex numbers.
+.El
+.Sh IMPLEMENTATION NOTES
+In order for
+.Nm
+to succeed, the attribute service must be available on the file system,
+and the attribute must of defined for the file queried.
+.Sh EXAMPLES
+.Bd -literal -offset indent
+# getextattr system md5 /kernel
+/kernel:
+ 61 61 33 62 39 39 66 65 31 35 35 32 31 62 65 32
+ 62 36 38 36 62 31 66 39 63 64 33 39 35 36 36 31
+# getextattr -s system md5 /kernel
+/kernel: "aa3b99fe15521be2b686b1f9cd395661"
+.Ed
+.Pp
+Retrieve the
+.Dq md5
+extended attribute for the file
+.Pa /kernel .
+.Sh SEE ALSO
+.Xr extattr 2 ,
+.Xr extattr 3 ,
+.Xr extattrctl 8 ,
+.Xr setextattr 8 ,
+.Xr extattr 9
+.Sh HISTORY
+Extended attribute support was developed as part of the TrustedBSD Project.
+It was developed to support security extensions requiring additional labels
+to be associated with each file or directory.
+.Sh AUTHORS
+Robert N M Watson
+.Sh BUGS
+The output format for this utility is ugly, and worse yet, not very useful.
diff --git a/usr.sbin/getextattr/getextattr.c b/usr.sbin/getextattr/getextattr.c
new file mode 100644
index 00000000000..c7952bbc2ea
--- /dev/null
+++ b/usr.sbin/getextattr/getextattr.c
@@ -0,0 +1,146 @@
+/* $OpenBSD: getextattr.c,v 1.1 2002/02/22 21:10:30 drahn Exp $ */
+/*-
+ * Copyright (c) 1999, 2000, 2001 Robert N. M. Watson
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD: getextattr.c,v 1.5 2001/06/24 20:25:17 dd Exp $
+ */
+/*
+ * TrustedBSD Project - extended attribute support
+ */
+#include <sys/types.h>
+#include <sys/uio.h>
+#include <sys/extattr.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <vis.h>
+
+void
+usage(void)
+{
+
+ fprintf(stderr, "getextattr [-s] [attrnamespace] [attrname] "
+ "[filename ...]\n");
+ exit(1);
+}
+
+extern char *optarg;
+extern int optind;
+
+#define BUFSIZE 2048
+
+int
+main(int argc, char **argv)
+{
+ size_t len;
+ char *attrname;
+ char *buf, *visbuf;
+ int ch, error, i, arg_counter, attrnamespace;
+
+ int flag_as_string = 0;
+ int flag_reverse = 0;
+
+ while ((ch = getopt(argc, argv, "ls")) != -1) {
+ switch (ch) {
+ case 'l':
+ flag_reverse = 1;
+ case 's':
+ flag_as_string = 1;
+ break;
+ case '?':
+ default:
+ usage();
+ }
+ }
+
+ argc -= optind;
+ argv += optind;
+
+ if (argc < 3)
+ usage();
+
+ error = extattr_string_to_namespace(argv[0], &attrnamespace);
+ if (error) {
+ perror(argv[0]);
+ return (1);
+ }
+ attrname = argv[1];
+
+ argc--;
+ argv++;
+
+ for (arg_counter = 1; arg_counter < argc; arg_counter++) {
+ len = extattr_get_file(argv[arg_counter], attrnamespace,
+ attrname, NULL, 0);
+ if (len == -1) {
+ perror(argv[arg_counter]);
+ continue;
+ }
+ buf = (char *)malloc(len);
+ if (buf == NULL) {
+ perror("malloc");
+ return (1);
+ }
+ error = extattr_get_file(argv[arg_counter], attrnamespace,
+ attrname, buf, len);
+
+ if (error == -1)
+ perror(argv[arg_counter]);
+ else {
+ if (flag_as_string) {
+ visbuf = (char *)malloc(len*4);
+ if (visbuf == NULL) {
+ perror("malloc");
+ return (1);
+ }
+
+ strvisx(visbuf, buf, error, VIS_SAFE
+ | VIS_WHITE);
+ if (flag_reverse) {
+ printf("%s ", visbuf);
+ printf("%s\n", argv[arg_counter]);
+ } else {
+ printf("%s:", argv[arg_counter]);
+ printf(" \"%s\"\n", visbuf);
+ }
+ free(visbuf);
+ } else {
+ printf("%s:", argv[arg_counter]);
+ for (i = 0; i < error; i++)
+ if (i % 16 == 0)
+ printf("\n %02x ", buf[i]);
+ else if (i % 8 == 0)
+ printf(" %02x ", buf[i]);
+ else
+ printf("%02x ", buf[i]);
+ printf("\n");
+ }
+ }
+ free(buf);
+ }
+
+ return (0);
+}
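Review bot: The `-s` path allocates `visbuf = (char *)malloc(len*4);` but strvisx() can emit up to four characters per input byte plus a terminating NUL, so an attribute value whose bytes all need escaping writes one byte past the allocation; the size should be `len * 4 + 1`. Attribute contents may have been set by someone other than the user running the tool, so this buffer should be sized for the worst case. In the hex path `printf("%02x ", buf[i])` passes a plain `char`, which on platforms where char is signed prints bytes above 0x7f sign-extended; casting with `(unsigned char)buf[i]` keeps the two-digit output the man page shows. The `case 'l':` arm also falls into `case 's':` with no comment, so a `/* FALLTHROUGH */` marker would make clear that `-l` is meant to imply `-s`.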
diff --git a/usr.sbin/setextattr/Makefile b/usr.sbin/setextattr/Makefile
new file mode 100644
index 00000000000..5a0732c74d5
--- /dev/null
+++ b/usr.sbin/setextattr/Makefile
@@ -0,0 +1,6 @@
+# $OpenBSD: Makefile,v 1.1 2002/02/22 21:09:47 drahn Exp $
+
+PROG= setextattr
+MAN= setextattr.8
+
+.include <bsd.prog.mk>
diff --git a/usr.sbin/setextattr/setextattr.8 b/usr.sbin/setextattr/setextattr.8
new file mode 100644
index 00000000000..c031a0a6f4a
--- /dev/null
+++ b/usr.sbin/setextattr/setextattr.8
@@ -0,0 +1,84 @@
+.\" $OpenBSD: setextattr.8,v 1.1 2002/02/22 21:09:47 drahn Exp $
+.\"-
+.\" Copyright (c) 2000, 2001 Robert N. M. Watson
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD: setextattr.8,v 1.8 2001/06/24 23:59:22 dd Exp $
+.\"
+.Dd March 30, 2000
+.Dt SETEXTATTR 8
+.Os
+.Sh NAME
+.Nm setextattr
+.Nd set a named extended attribute
+.Sh SYNOPSIS
+.Nm
+.Ar attrnamespace
+.Ar attrname
+.Ar filename
+.Ar attrvalue
+.Sh DESCRIPTION
+.Nm
+is a user tool to set a named extended attribute on a file or directory to
+the provided string.
+The
+.Ar attrnamespace
+argument should be the namespace of the attribute to retrieve: legal
+values are "user" and "system".
+The
+.Ar attrname
+argument should be the name of the attribute,
+.Ar filename
+the name of the file or directory to set the attribute for, and
+.Ar attrvalue
+a string to store in the attribute.
+.Nm
+will store the string in the file's attribute.
+In order for
+.Nm
+to succeed, the attribute service must be available on the file system,
+and appropriate privilege may be required.
+.Sh EXAMPLES
+.Dl # setextattr system md5 /kernel `md5 -q /kernel`
+.Pp
+Set the
+.Dq md5
+extended attribute on the file /kernel to the string
+containing the output of
+.Dq md5 -q /kernel .
+.Sh SEE ALSO
+.Xr extattr 2 ,
+.Xr extattr 3 ,
+.Xr extattrctl 8 ,
+.Xr getextattr 8 ,
+.Xr extattr 9
+.Sh HISTORY
+Extended attribute support was developed as part of the TrustedBSD Project.
+It was developed to support security extensions requiring additional labels
+to be associated with each file or directory.
+.Sh AUTHORS
+Robert N M Watson
+.Sh BUGS
+.Nm
+can only be used to set attributes to strings.
diff --git a/usr.sbin/setextattr/setextattr.c b/usr.sbin/setextattr/setextattr.c
new file mode 100644
index 00000000000..9b985904abd
--- /dev/null
+++ b/usr.sbin/setextattr/setextattr.c
@@ -0,0 +1,72 @@
+/* $OpenBSD: setextattr.c,v 1.1 2002/02/22 21:09:47 drahn Exp $ */
+/*-
+ * Copyright (c) 1999, 2000, 2001 Robert N. M. Watson
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD: setextattr.c,v 1.6 2002/02/10 04:48:26 rwatson Exp $
+ */
+/*
+ * TrustedBSD Project - extended attribute support for UFS-like file systems
+ */
+
+#include <sys/types.h>
+#include <sys/uio.h>
+#include <sys/extattr.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+void
+usage(void)
+{
+
+ fprintf(stderr, "setextattr [attrnamespace] [attrname] [filename] "
+ "[attrvalue]\n");
+ exit(1);
+}
+
+int
+main(int argc, char *argv[])
+{
+ int error, attrnamespace;
+
+ if (argc != 5)
+ usage();
+
+ error = extattr_string_to_namespace(argv[1], &attrnamespace);
+ if (error) {
+ perror(argv[1]);
+ return (1);
+ }
+
+ error = extattr_set_file(argv[3], attrnamespace, argv[2], argv[4],
+ strlen(argv[4]));
+ if (error == -1) {
+ perror(argv[3]);
+ return (1);
+ }
+
+ return (0);
+}
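Review bot: The call `extattr_set_file(argv[3], attrnamespace, argv[2], argv[4], strlen(argv[4]))` stores the value without its terminating NUL, and nothing in the file says so. A short comment above the call, for example `/* Value is stored as raw bytes, without the trailing NUL. */`, would tell readers of the attribute not to treat the stored data as a C string. The usage text printed to stderr also lacks the `usage:` prefix that extattrctl prints, which is a small consistency point across the three tools added in this commit.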