@haokuixi
2015-06-09T18:19:33.000000Z
字数 3314
阅读 16573
unix
macos
In Mac OS X, run 'ls -al' gives me something like this.
drwxrwxrwx+ 4 smcho staff 136 May 5 09:18 Public
drwxr-xr-x+ 6 smcho staff 204 Feb 1 2010 Sites
drwxrwxrwx 9 smcho staff 306 Feb 2 2010 backup
drwxr-xr-x@ 36 smcho staff 1224 Sep 4 22:51 bin
What's the + or @ at the end of the first column means?
Is this unique to Mac, or common in UNIX?
ADDED
After Michael Mrozek's answer, I ran 'ls -ale' to get the following.
drwx------+ 66 smcho staff 2244 Aug 30 13:40 Library
0: group:com.apple.sharepoint.group.3 allow search
1: group:everyone deny delete
drwxr-xr-x 3 smcho staff 102 Sep 4 15:01 Mail
drwx------+ 13 smcho staff 442 Aug 28 17:55 Movies
0: group:everyone deny delete
drwx------+ 6 smcho staff 204 Jul 9 09:37 Music
0: group:everyone deny delete
drwx------+ 11 smcho staff 374 Aug 28 16:55 Pictures
0: group:everyone deny delete
drwxr-xr-x 3 smcho staff 102 Mar 18 15:43 Projects
drwxrwxrwx+ 4 smcho staff 136 May 5 09:18 Public
0: group:everyone deny delete
drwxr-xr-x+ 6 smcho staff 204 Feb 1 2010 Sites
0: group:everyone deny delete
What those appended messages mean? Why do I have them for some of the files? I don't remember doing anything particular for them.
The @
suffix is unique to Mac OS and it means the file has extended attributes. You can use the xattr
command-line utility to view and modify them:
xattr --list filename
xattr --set propname propvalue filename
xattr --delete propname filename
The +
suffix means the file has an access control list, and is common in any *nix that supports ACLs. Giving ls
the -e
flag will make it show the associated ACLs after the file, and chmod
can be used to modify then. Most of this is from the chmod
man page:
You add an ACL with chmod +a "type:name flag permission,..."
, and remove it with chmod -a
. The argument to chmod
is fairly complicated:
user
or group
, to clarify if name is referring to a username or a group name. If name is unambiguous, you can omit the typeIn your particular example, most of the ACL entries are group:everyone deny delete
. That is, all users in the everyone
group (which is naturally everyone) are denied the permission to delete the folder. I believe, although I can't find any documentation about it, that these are default ACLs to stop you from removing essential root folders -- somebody correct this if that's not the case. The only other entry is group:com.apple.sharepoint.group.3
allow search, which allows Directory Services to search for files by name in the /Library
folder
整理自:
+ or @ mark after running 'ls -al' | Unix & Linux Stack Exchange