Ubuntu
tar package

its undocumented that only user.* extended attributes are restored upon extraction

Bug #1831150 reported by Brian Murray
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
GNU tar
Unknown
Unknown
tar (Debian)
New
Unknown
tar (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

The tar info page and upstream documentation indicate that when --xattr is used "all names are stored in the archive (or extracted, if using '--extract')", however when using --xattr with extract the security.capability extended attributes are not restored. If one also uses "--xattrs-include=*" then the security.capability extended attributes will be restored.

[Test Case]
mkdir orig restore
touch orig/file_with_capability_and_user_xattr
setcap cap_net_raw=p orig/file_with_capability_and_user_xattr
(eoan-amd64)root@impulse:/tmp# getfattr -m . -d orig/file_with_capability_and_user_xattr
# file: orig/file_with_capability_and_user_xattr
security.capability=0sAAAAAgAgAAAAAAAAAAAAAAAAAAA=
user.testkey="testvalue"
(eoan-amd64)root@impulse:/tmp# tar c --xattrs --acls --directory orig/ . | tar x --xattrs --acls --directory restore/
(eoan-amd64)root@impulse:/tmp# getfattr -m . -d restore/file_with_capability_and_user_xattr
# file: restore/file_with_capability_and_user_xattr
user.testkey="testvalue"
(eoan-amd64)root@impulse:/tmp# tar c --xattrs --directory orig/ . | tar x --xattrs --xattrs-include=* --directory restore/
(eoan-amd64)root@impulse:/tmp# getfattr -m . -d restore/file_with_capability_and_user_xattr
# file: restore/file_with_capability_and_user_xattr
security.capability=0sAAAAAgAgAAAAAAAAAAAAAAAAAAA=
user.testkey="testvalue"

I think tar's extract behavior should be changed to match that of create so that all names are actually extracted.

Tags: eoan
Brian Murray (brian-murray)
tags: added: eoan
Brian Murray (brian-murray)
summary: - security.capability extended attributes not restored upon extraction
+ only user.* extended attributes restored upon extraction
Bug Watch Updater (bug-watch-updater)
Changed in tar (Debian):
status: Unknown → New
Revision history for this message
Brian Murray (brian-murray) wrote : Re: only user.* extended attributes restored upon extraction

After discussing this with upstream it became clear that the documentation is incorrect and it is deliberate that only the "user.*" extended attributes are applied by default during extraction.

"This decision was done because only user.* attributes are 100% safe to
extract. The security.* (especially capabilities) can have some binary
format specific to the box creating the archive but incompatible with host
extracting the archive."

https://lists.gnu.org/archive/html/bug-tar/2019-06/msg00001.html

The man for tar should be updated to reflect that to avoid any confusion.

summary: - only user.* extended attributes restored upon extraction
+ its undocumented that only user.* extended attributes restored upon
+ extraction
summary: - its undocumented that only user.* extended attributes restored upon
+ its undocumented that only user.* extended attributes are restored upon
extraction
Revision history for this message
Brian Murray (brian-murray) wrote :

Given that the only documentation which refers to the default behavior of extended attributes is only included upstream and is not shipped in the Debian or Ubuntu package I'm closing this bug as Invalid.

Changed in tar (Ubuntu):
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.