From 38ecae6c0298943b4bc74d6d3d5c888ca0853dec Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 13 Oct 2016 12:47:43 +0100
Subject: [PATCH] tar-in: Add workaround because tar doesn't restore
capabilities (RHBZ#1384241).
Current GNU tar does not restore all extended attributes. In
particular only user.* capabilities are restored (although all
are saved in the tarball).
To restore capabilities, SELinux security attributes, and other things
we need to use --xattrs-include=*
For further information on the tar bug, see:
https://bugzilla.redhat.com/show_bug.cgi?id=771927
(cherry picked from commit 6d0ab14b56743679638ead0829ff3131749ac59b)
---
daemon/tar.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/daemon/tar.c b/daemon/tar.c
index 300e99448..9464d7105 100644
--- a/daemon/tar.c
+++ b/daemon/tar.c
@@ -188,7 +188,11 @@ do_tar_in (const char *dir, const char *compress, int xattrs, int selinux, int a
"tar",
dir, filter,
chown_supported ? "" : "--no-same-owner ",
- xattrs ? "--xattrs " : "",
+ /* --xattrs-include=* is a workaround for a bug
+ * in tar, and hopefully won't be required
+ * forever. See RHBZ#771927.
+ */
+ xattrs ? "--xattrs --xattrs-include='*' " : "",
selinux ? "--selinux " : "",
acls ? "--acls " : "",
error_file) == -1) {
--
2.18.4