Flags are used by macOS to limit how a file can be changed. They’re set differently from permissions and run in a parallel structure alongside commands like chown
and chmod
. You’ll be using chflags
to change flags, as well as ls
to view flags. Unix runs a similar system, but with a greater number of options called “attributes” instead of flags.
Viewing Set Flags on macOS
In Terminal, you can use an ls
flag to view any extant flags.
ls -lO ~/Librarydrwx------@ 88 alexander staff hidden 2992 Jan 25 14:01 Library
If there are no flags set for a file or folder, a dash will be shown instead.
ls -lO ~/Library/Caches drwx------+ 234 alexander staff - 7956 Jan 25 13:03 Caches
Set flags can be removed by using their inverse, as described below.
Setting and Clearing Flags on macOS
Flags most frequently come up as a problem. Because they set extra-permission permissions, they can be easy to miss. Do you find yourself with a file that cannot be erased, regardless of how elevated your user permissions are? You might need to clear one or two flags.
The flags that can be set under macOS are listed below. This is the full list of available options, as well as an explanation for their functionality. Most flags can only be set by the owner of the file or the superuser; sappnd
and schg
can only be set by the superuser, since they are system-level flags. Only the hidden flag can be set without privilege escalation.
Setting Flags on macOS
When setting a flag on macOS, use the command below. The recursive flag -R
is available for directory-level operations:
sudo chflags -R [flag] /usr/bin/local sudo chflags [flag] /usr/bin/local/mnt.sh chflags -R hidden ~/Desktop
will set the appropriate flag. For example, the following sets the nodump flag:
sudo chflags nodump /usr/bin/local/tty.sh
Only one flag can be set or removed per chflags command.
- opaque sets the folder to appear opaque when viewed through a union mount, an old-fashioned way of viewing multiple directories simultaneously.
- nodump prevents the file or folder from being dumped during use of the
dump
command to back up your system. - sappnd, sappend sets the system append-only flag, which allows the file to be added to but not modified or deleted. Removing this flag requires enter single user mode.
- schg, schange, simmutable sets the system immutable flag, which locks out all file changes by all users of any privilege level. Removing this flag requires single user mode to be entered.
- uappnd, uappend sets the user append-only flag. This can be set by the file owner and can be unset by the owner without escalating privileges. Since it locks the file, with
sappnd
orschg
at lower security, it’s used far more frequently. - uchg, uchange, uimmutable sets the user immutable flag, which has the same relationship to the system immutable flag as the
uappnd
flag has tosappnd
. - hidden sets the hidden flag. This hides the item within the Finder GUI and ls commands.
Clearing Flags on macOS
To clear a given flag, set its opposite. In most cases, this means prepending “no” to your command. In the case of nodump, use the dump flag to clear, like so:
sudo chflags dump /usr/bin/local/oty.sh
More standard terms can be reversed with the “no” prefix, like so:
sudo chflags nosappnd /usr/bin/local/oty.sh
As with chmod, a recursive flag is available:
chflags -R nohidden ~/Desktop
Once flags have been cleared, you’ll be free to change the ownership and permissions of the file as expected.
Using Attributes on Unix
Unix runs a similar system on the backend, but it’s handled with different commands. On the most popular Linux platforms, you’ll instead have access to chattr
and lsattr
. These flags are used for changing and viewing “attributes,” which is what flags go by on most other Unix installs.
Attributes can be viewed with lsattr
:
lsattr /path/to/file.txt
Changing attributes relies on a code of initialism and are listed in the chattr man page:
“The letters ‘acdeijstuADST’ select the new attributes for the files: append only (a), compressed (c), no dump (d), extent format (e), immutable (i), data journalling (j), secure deletion (s), no tail-merging (t), undeletable (u), no atime updates (A), synchronous directory updates (D), synchronous updates (S), and top of directory hierarchy (T).”
The command looks like so:
chattr +s /file/name.txt
That sets the secure deletion attribute for the specified path.
Wrapping Up
Flags are most useful when limiting who can change a file. By locking files, you can prevent tampering or accidental edits at a filesystem level. Without escalation to root or the file owner, these privileges cannot be changed, so they’re moderately secure.
Our latest tutorials delivered straight to your inbox