Libguestfs - Oct 2016 - [PATCH] tar-in: Add workaround because tar doesn't restore capabilities (RHBZ#1384241).

Current GNU tar does not restore all extended attributes.  In
particular only user.* capabilities are restored (although all
are saved in the tarball).

To restore capabilities, SELinux security attributes, and other things
we need to use --xattrs-include=*

For further information on the tar bug, see:
https://bugzilla.redhat.com/show_bug.cgi?id=771927
---
 daemon/tar.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/daemon/tar.c b/daemon/tar.c
index c5d9524..2ebd2fe 100644
--- a/daemon/tar.c
+++ b/daemon/tar.c
@@ -190,7 +190,11 @@ do_tar_in (const char *dir, const char *compress, int
xattrs, int selinux, int a
                        str_tar,
                        dir, filter,
                        chown_supported ? "" : "--no-same-owner
",
-                       xattrs ? "--xattrs " : "",
+                       /* --xattrs-include=* is a workaround for a bug
+                        * in tar, and hopefully won't be required
+                        * forever.  See RHBZ#771927.
+                        */
+                       xattrs ? "--xattrs --xattrs-include='*'
" : "",
                        selinux ? "--selinux " : "",
                        acls ? "--acls " : "",
                        error_file) == -1) {
-- 
2.9.3

On Thursday, 13 October 2016 12:47:43 CEST Richard W.M. Jones
wrote:
> Current GNU tar does not restore all extended attributes.  In
> particular only user.* capabilities are restored (although all
> are saved in the tarball).
> 
> To restore capabilities, SELinux security attributes, and other things
> we need to use --xattrs-include=*
> 
> For further information on the tar bug, see:
> https://bugzilla.redhat.com/show_bug.cgi?id=771927
> ---
Pity tar cannot handle properly this kind of metadata...

LGTM.

Thanks,
-- 
Pino Toscano