[lxc-devel] [distrobuilder/master] shared/util: preserve xattrs in Pack/PackUpdate

[smibarber on Github]

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 603 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200611/253362e7/attachment.bin>
-------------- next part --------------
From ed7c50e2988d6dc2db1d01d25dce491765825350 Mon Sep 17 00:00:00 2001
From: Stephen Barber <smbarber at chromium.org>
Date: Thu, 11 Jun 2020 15:20:47 -0700
Subject: [PATCH] shared/util: preserve xattrs in Pack/PackUpdate

tar does not preserve xattrs by default, so update Pack and PackUpdate
to use the --xattrs flag. This avoids dropping the security.capability
xattr, which is used for binaries such as ping.

Downstream bug: https://crbug.com/1093811

Signed-off-by: Stephen Barber <smbarber at chromium.org>
---
 shared/util.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/shared/util.go b/shared/util.go
index 17dd43c..0814dd3 100644
--- a/shared/util.go
+++ b/shared/util.go
@@ -233,7 +233,7 @@ func CreateGPGKeyring(keyserver string, keys []string) (string, error) {
 
 // Pack creates an uncompressed tarball.
 func Pack(filename, compression, path string, args ...string) error {
-	err := RunCommand("tar", append([]string{"-cf", filename, "-C", path}, args...)...)
+	err := RunCommand("tar", append([]string{"--xattrs", "-cf", filename, "-C", path}, args...)...)
 	if err != nil {
 		// Clean up incomplete tarball
 		os.Remove(filename)
@@ -245,7 +245,7 @@ func Pack(filename, compression, path string, args ...string) error {
 
 // PackUpdate updates an existing tarball.
 func PackUpdate(filename, compression, path string, args ...string) error {
-	err := RunCommand("tar", append([]string{"-uf", filename, "-C", path}, args...)...)
+	err := RunCommand("tar", append([]string{"--xattrs", "-uf", filename, "-C", path}, args...)...)
 	if err != nil {
 		return err
 	}