lxc-download, lxc-local: preserve xattrs on unpack

Update tar invocation to preserve all xattrs when unpacking the rootfs,
notably retaining security.capability xattrs (e.g. for ping, newuidmap)

Note: bsdtar already preserves xattrs with -p

Signed-off-by: Jacob McNamee <jacob@jacobmcnamee.com>

diff --git a/templates/lxc-download.in b/templates/lxc-download.in
index c6d741c6f74af2f91bacf754c8b1d1155ba6850f..75bff242793800324382aa728d5a7837306f3d93 100755 (executable)
--- a/templates/lxc-download.in
+++ b/templates/lxc-download.in
@@ -414,7 +414,7 @@ fi
 if [ "${IS_BSD_TAR}" = "true" ]; then
   tar ${EXCLUDES} --numeric-owner -xpJf "${LXC_CACHE_PATH}/rootfs.tar.xz" -C "${LXC_ROOTFS}"
 else
-  tar  --anchored ${EXCLUDES} --numeric-owner -xpJf "${LXC_CACHE_PATH}/rootfs.tar.xz" -C "${LXC_ROOTFS}"
+  tar --anchored ${EXCLUDES} --numeric-owner --xattrs-include='*' -xpJf "${LXC_CACHE_PATH}/rootfs.tar.xz" -C "${LXC_ROOTFS}"
 fi
 
 mkdir -p "${LXC_ROOTFS}/dev/pts/"

diff --git a/templates/lxc-local.in b/templates/lxc-local.in
index fbabd306e7b078fdc77443bb9f1a19afccdeabd6..673a02e1546b0fe4c7bda012fa4d6234db6a9924 100755 (executable)
--- a/templates/lxc-local.in
+++ b/templates/lxc-local.in
@@ -338,7 +338,7 @@ unpack_rootfs() {
     echo "Excludes: ${EXCLUDES}"
   fi
 
-  tar --anchored ${EXCLUDES} --numeric-owner -xpJf "${LXC_FSTREE}" -C "${LXC_ROOTFS}"
+  tar --anchored ${EXCLUDES} --numeric-owner --xattrs-include='*' -xpJf "${LXC_FSTREE}" -C "${LXC_ROOTFS}"
 
   prepare_rootfs
 }