getextattr, lsextattr,
  rmextattr, setextattr —
manipulate extended attributes
  
    | getextattr | [ -fhq] [-s|-x|-vstyle] [namespace]
      attrname filename ... | 
  
    | lsextattr | [ -fhq] namespace
      filename ... | 
  
    | rmextattr | [ -fhq] [namespace]
      attrname filename ... | 
  
    | setextattr | [ -fhnq] [namespace]
      attrname attrvalue
      filename ... | 
  
    | setextattr | [ -fhnq]-ivaluefile [namespace]
      attrname filename ... | 
These utilities are user tools to manipulate the named extended attributes on
  files and directories.
The namespace argument should be the
    namespace of the attribute to retrieve: legal values are
    user and system. For all
    operations except lsextattr, the namespace argument
    may be omitted if the attribute name is namespace prefixed, like in
    user.test. In that later case, the
    user namespace prefix obviously selects
    user namespace. system,
    security, and trusted
    namespace prefixes select the system namespace.
The attrname argument should be the name of
    the attribute, filename the name of the target file or
    directory, attrvalue a string to store in the
    attribute.
The following options are available:
  - -f
- (Force.) Ignore errors on individual filenames and continue with the
      remaining arguments.
- -h
- (No follow.) If the file is a symbolic link, perform the operation on the
      link itself rather than the file that the link points to.
- -ivaluefile
- (Input file.) Read the attribute value from file
      valuefile. Use this flag in order to set a binary
      value for an attribute.
- -n
- (NUL-terminate.)NUL-terminate the extent content written out.
- -q
- (Quiet.) Do not print out the pathname and suppress error messages.
- -s
- (Stringify.) Escape nonprinting characters and put quotes around the
      output.
- -vstyle
- (Visual.) Process the attribute value through
      vis(3), using
      style. Valid values for style
      are:
    
      - default
- Use default vis(3)
          encoding.
- c
- Use C-style backslash sequences, like in vis-c.
- http
- Use URI encoding from RFC 1808, like in vis-h.
- octal
- Display in octal, like in vis-o.
- vis
- Alias for default.
- cstyle
- Alias for c.
- httpstyle
- Alias for http.
 
- -x
- (Hex.) Print the output in hexadecimal.
setextattr system md5 `md5 -q /boot/kernel/kernel` /boot/kernel/kernel
getextattr system md5 /boot/kernel/kernel
lsextattr system /boot/kernel/kernel
rmextattr system md5 /boot/kernel/kernel
 
Examples omitting namespace (and attribute value) argument:
setextattr -i valuefile trusted.gfid /export/wd3a
getextattr -x trusted.gfid /export/wd3a
 
Extended attribute support was developed as part of the TrustedBSD Project, and
  introduced in FreeBSD 5.0 and NetBSD
  3.0. It was developed to support security extensions requiring
  additional labels to be associated with each file or directory.
Extended attribute support was resurrected and made more usable in
    NetBSD 5.2.
Robert N M Watson
Poul-Henning Kamp
Emmanuel Dreyfus