-rw-r-xr--+ 1 root root 151 Jul 31 20:38 test.sh
I had no idea what this "+" indicates about the file or directory. I just searched google to find out without any luck. Every docuemnt that I referred speaks about all other fields displayed in the output, but kept silent about "+". "man ls" has nothing to say about it. But I was not ready to give up, I found out myself what that field indicates. You may already know what is meant by this +, but this blog is intended to explain how did I find it out myself which may be useful for you also if you face a similar situation in future. Below is the method that I followed.
I created a file in /tmp named file.txt. When I did "ls -l" on that file, I didn't see the "+" in the output. Now I have a file which has a + in the "ls -l" output and one which doesn't have.
Now I did strace on "ls -l" while listing both the files. Strace was executed as below.
# strace -fvvv -s 1024 -o
Analyzed both straces and compared them. This comparison helped me to see what is different between these two files.
For the file which has + in its output, I found the below system call in strace.
29608 getxattr("/root/test.sh", "system.posix_acl_access", 0x0, 0) = 44
For the file which doesn't have + in the output, I found the same system call as below.
29616 getxattr("/tmp/file.txt", "system.posix_acl_access", 0x0, 0) = -1 ENODATA (No data available)
29616 getxattr("/tmp/file.txt", "system.posix_acl_default", 0x0, 0) = -1 ENODATA (No data available)
The difference in the output of getxattr() told me that the file which has a "+" in the output has a filesystem acl on it where as the file which doesn't have a "+" in the output has no acls set on it (This is indicated by the "-1 ENODATA (No data available").
I verified this by running "getfacl
"For files that have a default ACL or an access ACL that contains more than the three required ACL entries, the ls(1) utility in the long form produced by ls -l displays a plus sign (+) after the permission string."
Is "man acl" the right place to have this info?