en File (command)

file
Example usage of `file`
Developer(s)	AT&T Bell Laboratories
Initial release	1973 (1973) as part of Unix Research Version 4; 1986 (1986) open-source reimplementation

Stable release	5.46^[1] / 27 November 2024; 2 months ago (27 November 2024)

Repository	github.com/file/file
Written in	C
Operating system	Unix, Unix-like, Plan 9, IBM i
Platform	Cross-platform
Type	File type detector
License	BSD license, CDDL Plan 9: MIT License
Website	darwinsys.com/file/

The file command is a standard program of Unix and Unix-like operating systems for recognizing the type of data contained in a computer file.

History

The original version of file originated in Unix Research Version 4^[2] in 1973. System V brought a major update with several important changes, most notably moving the file type information into an external text file rather than compiling it into the binary itself.

Most major BSD and Linux distributions use a free, open-source reimplementation which was written in 1986–87 by Ian Darwin^[3] from scratch; it keeps file type information in a text file with a format based on that of the System V version. It was expanded by Geoff Collyer in 1989 and since then has had input from many others, including Guy Harris, Chris Lowth and Eric Fischer; from late 1993 onward its maintenance has been organized by Christos Zoulas. The OpenBSD system has its own subset implementation written from scratch, but still uses the Darwin/Zoulas collection of magic file formatted information.

The file command has also been ported to the IBM i operating system.^[4]

Specification

The Single UNIX Specification (SUS) specifies that a series of tests are performed on the file specified on the command line:

if the file cannot be read, or its Unix file type is undetermined, the file program will indicate that the file was processed but its type was undetermined.
file must be able to determine the types directory, FIFO, socket, block special file, and character special file
zero-length files are identified as such
an initial part of file is considered and file is to use position-sensitive tests
the entire file is considered and file is to use context-sensitive tests
the file is identified as a data file

file's position-sensitive tests are normally implemented by matching various locations within the file against a textual database of magic numbers (see the Usage section). This differs from other simpler methods such as file extensions and schemes like MIME.

In the System V implementation, the Ian Darwin implementation, and the OpenBSD implementation, the file command uses a database to drive the probing of the lead bytes. That database is implemented in a file called magic, whose location is usually in /etc/magic, /usr/share/file/magic or a similar location.

Usage

The SUS^[5] mandates the following options:

-M file, specify a file specially formatted containing position-sensitive tests; default position-sensitive tests and context-sensitive tests will not be performed.
-m file, as for -M, but default tests will be performed after the tests contained in file.
-d, perform default position-sensitive and context-sensitive tests to the given file; this is the default behaviour unless -M or -m is specified.
-h, do not dereference symbolic links that point to an existing file or directory.
-L, dereference the symbolic link that points to an existing file or directory.
-i, do not classify the file further than to identify it as either: nonexistent, a block special file, a character special file, a directory, a FIFO, a socket, a symbolic link, or a regular file. Linux^[6] and BSD^[7] systems behave differently with this option and instead output an Internet media type ("MIME type") identifying the recognized file format.

Other Unix and Unix-like operating systems may add extra options than these. Ian Darwin's implementation adds -s 'special files', -k 'keep-going' or -r 'raw' (examples below), among many others.^[6]

The command tells only what the file looks like, not what it is (in the case where file looks at the content). It is easy to fool the program by putting a magic number into a file the content of which does not match it. Thus the command is not usable as a security tool other than in specific situations.

Examples

$ file file.c
file.c: C program text

$ file program
program: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked
    (uses shared libs), stripped

$ file /dev/hda1
/dev/hda1: block special (0/0)

$ file -s /dev/hda1
/dev/hda1: Linux/i386 ext2 filesystem

Note that -s is a non-standard option available only on the Ian Darwin branch, which tells file to read device files and try to identify their contents rather than merely identifying them as device files. Normally file does not try to read device files since reading such a file can have undesirable side effects.

$ file -k -r libmagic-dev_5.35-4_armhf.deb    # (on Linux)
libmagic-dev_5.35-4_armhf.deb: Debian binary package (format 2.0)
- current ar archive
- data

Through Ian Darwin's non-standard option -k the program does not stop after the first hit found, but looks for other matching patterns. The -r option, which is available in some versions, causes the unprintable new line character to be displayed in its raw form rather than in its octal representation.

$ file compressed.gz
compressed.gz: gzip compressed data, deflated, original filename, `compressed', last
    modified: Thu Jan 26 14:08:23 2006, os: Unix

$ file -i compressed.gz    # (on Linux)
compressed.gz: application/x-gzip; charset=binary

$ file data.ppm
data.ppm: Netpbm PPM "rawbits" image data

$ file /bin/cat
/bin/cat: Mach-O universal binary with 2 architectures
/bin/cat (for architecture ppc7400):	Mach-O executable ppc
/bin/cat (for architecture i386):	Mach-O executable i386

$ file /usr/bin/vi
/usr/bin/vi: symbolic link to vim

Identifying symbolic links is not available on all platforms and will be dereferenced if -L is passed or POSIXLY_CORRECT is set.

Libmagic library

As of version 4.00 of the Ian Darwin/Christos Zoulas version of file, the functionality of file is incorporated into a libmagic library that is accessible via C (and C-compatible) linking;^[8]^[9] file is implemented using that library.^[10]^[11]

References

^ "[File] FIle 5.46 is now available". 27 November 2024. Retrieved 28 November 2024.
^ "Source of the UNIX V4 "file" man page". Archived from the original on 2019-12-10. Retrieved 2022-03-13.
^ The early history of this program is recorded in its private CVS repository; see [1] Archived 2017-04-01 at the Wayback Machine the log of the main program
^ "IBM System i Version 7.2 Programming Qshell" (PDF). IBM. Archived (PDF) from the original on 2021-03-05. Retrieved 2020-09-05.
^ "The Open Group Base Specifications Issue 7 — file command". Archived from the original on 2018-10-12. Retrieved 2014-08-20.
^ ^a ^b file(1) – Linux User Manual – User Commands
^ file(1) – NetBSD General Commands Manual
^ libmagic(3) – Linux Programmer's Manual – Library Functions
^ libmagic(3) – NetBSD Library Functions Manual
^ Zoulas, Christos (February 27, 2003). "file-3.41 is now available". File (Mailing list). Archived from the original on March 4, 2016. Retrieved January 1, 2013.
^ Zoulas, Christos (March 24, 2003). "file-4.00 is now available". File (Mailing list). Archived from the original on December 28, 2016. Retrieved January 1, 2013.

External links

The Wikibook Guide to Unix has a page on the topic of: Commands

file: determine file type – Shell and Utilities Reference, The Single UNIX Specification, Version 4 from The Open Group

Manual pages

file(1) – Linux User Manual – User Commands
libmagic(3) – NetBSD Library Functions Manual
libmagic(3) – Linux Programmer's Manual – Library Functions
file(1) – OpenBSD General Commands Manual – a non-Ian Darwin implementation
file(1) – Plan 9 Programmer's Manual, Volume 1 – a non-Ian Darwin, non-SUS implementation

Other

Fine Free File Command – homepage for Ian Darwin's version of file used in major BSD and Linux distributions.
- mailing list
- releases
binwalk, a firmware analysis tool that carves files based on libmagic signatures
TrID, an alternative providing ranked answers (instead of just one) based on statistics.
Magika, an ML-based tool, by Google Research

v t e Unix command-line interface programs and shell builtins
File system	cat chattr chmod chown chgrp cksum cmp cp dd du df file fuser ln ls mkdir mv pax pwd rm rmdir split tee touch type umask
Processes	at bg crontab fg kill nice ps time
User environment	env exit logname mesg talk tput uname who write
Text processing	awk basename comm csplit cut diff dirname ed ex fold head iconv join m4 more nl paste patch printf read sed sort strings tail tr troff uniq vi wc xargs
Shell builtins	alias cd echo test unset wait
Searching	find grep
Documentation	man
Software development	ar ctags lex make nm strip yacc
Miscellaneous	bc cal expr lp od sleep true and false
Categories Standard Unix programs Unix SUS2008 utilities List

v t e Plan 9 command-line interface programs and shell builtins
File system	chmod chgrp cmp cp dd du file gzip ls mkdir pwd rm split tee touch
Processes	kill ps
User environment	passwd who
Text processing	awk basename comm diff ed eqn join sed sort spell strings tail tr troff uniq wc
Shell builtins	echo test
Networking	ip/ipconfig ip/ping netstat
Searching	grep
Software development	ar hoc lex nm strip yacc
Miscellaneous	bc cal fortune sleep
Category

Agama	Bahasa	Biografi	Budaya	Ekonomi	Elektronika
Film	Filsafat	Geografi	Indonesia	Ilmu	Lingkungan
Masyarakat	Matematika	Militer	Mitologi	Musik	Olahraga
Pendidikan	Politik	Sastra	Sejarah	Seni	Teknologi

File (command)