Explanation of st_flags bits

1

I'm writing a python script to delete files on MacOS, and I run into SIP protected files. I know the presence of st_flags more than likely mean I can't delete the file. Like here:

>>> os.stat(f).st_flags
524288

But I'm curious to know what that actually means. I looked in stat.h and see:

/*
 * Definitions of flags stored in file flags word.
 *
 * Super-user and owner changeable flags.
 */
#define UF_SETTABLE     0x0000ffff      /* mask of owner changeable flags */
#define UF_NODUMP       0x00000001      /* do not dump file */
#define UF_IMMUTABLE    0x00000002      /* file may not be changed */
#define UF_APPEND       0x00000004      /* writes to file may only append */
#define UF_OPAQUE       0x00000008      /* directory is opaque wrt. union */
/*
 * The following bit is reserved for FreeBSD.  It is not implemented
 * in Mac OS X.
 */
/* #define UF_NOUNLINK  0x00000010 */   /* file may not be removed or renamed */
#define UF_COMPRESSED   0x00000020      /* file is compressed (some file-systems) */

/* UF_TRACKED is used for dealing with document IDs.  We no longer issue
 *  notifications for deletes or renames for files which have UF_TRACKED set. */
#define UF_TRACKED              0x00000040

#define UF_DATAVAULT    0x00000080      /* entitlement required for reading */
                                    /* and writing */

/* Bits 0x0100 through 0x4000 are currently undefined. */
#define UF_HIDDEN       0x00008000      /* hint that this item should not be */
                                    /* displayed in a GUI */
/*
 * Super-user changeable flags.
 */
#define SF_SUPPORTED    0x001f0000      /* mask of superuser supported flags */
#define SF_SETTABLE     0xffff0000      /* mask of superuser changeable flags */
#define SF_ARCHIVED     0x00010000      /* file is archived */
#define SF_IMMUTABLE    0x00020000      /* file may not be changed */
#define SF_APPEND       0x00040000      /* writes to file may only append */
#define SF_RESTRICTED   0x00080000      /* entitlement required for writing */
#define SF_NOUNLINK     0x00100000      /* Item may not be removed, renamed or mounted on */

I just dont quite see how it adds up to 524288. I mean I kinda get it, like permission bits, 1 or more in the 6th position from the right should mean SF_NOUNLINK is set, but where is the 5 coming from? 2 in the 5th position from the right means SF_IMMUTABLE is set, and 2nd position is 8, which is UF_DATAVAULT, which makes sense. The other values in positions 3-4, and the value of 5 (from right) I dont understand. Any pointers as how to read this?

objective-c
linux
macos
file
unix
asked on Stack Overflow Nov 9, 2019 by user3530614

0 Answers

Nobody has answered this question yet.

User contributions licensed under CC BY-SA 3.0