From 38ecae6c0298943b4bc74d6d3d5c888ca0853dec Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Thu, 13 Oct 2016 12:47:43 +0100 Subject: [PATCH] tar-in: Add workaround because tar doesn't restore capabilities (RHBZ#1384241). Current GNU tar does not restore all extended attributes. In particular only user.* capabilities are restored (although all are saved in the tarball). To restore capabilities, SELinux security attributes, and other things we need to use --xattrs-include=* For further information on the tar bug, see: https://bugzilla.redhat.com/show_bug.cgi?id=771927 (cherry picked from commit 6d0ab14b56743679638ead0829ff3131749ac59b) --- daemon/tar.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/daemon/tar.c b/daemon/tar.c index 300e99448..9464d7105 100644 --- a/daemon/tar.c +++ b/daemon/tar.c @@ -188,7 +188,11 @@ do_tar_in (const char *dir, const char *compress, int xattrs, int selinux, int a "tar", dir, filter, chown_supported ? "" : "--no-same-owner ", - xattrs ? "--xattrs " : "", + /* --xattrs-include=* is a workaround for a bug + * in tar, and hopefully won't be required + * forever. See RHBZ#771927. + */ + xattrs ? "--xattrs --xattrs-include='*' " : "", selinux ? "--selinux " : "", acls ? "--acls " : "", error_file) == -1) { -- 2.18.4