From 38ecae6c0298943b4bc74d6d3d5c888ca0853dec Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 13 Oct 2016 12:47:43 +0100
Subject: [PATCH] tar-in: Add workaround because tar doesn't restore
 capabilities (RHBZ#1384241).

Current GNU tar does not restore all extended attributes.  In
particular only user.* capabilities are restored (although all
are saved in the tarball).

To restore capabilities, SELinux security attributes, and other things
we need to use --xattrs-include=*

For further information on the tar bug, see:
https://bugzilla.redhat.com/show_bug.cgi?id=771927

(cherry picked from commit 6d0ab14b56743679638ead0829ff3131749ac59b)
---
 daemon/tar.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/daemon/tar.c b/daemon/tar.c
index 300e99448..9464d7105 100644
--- a/daemon/tar.c
+++ b/daemon/tar.c
@@ -188,7 +188,11 @@ do_tar_in (const char *dir, const char *compress, int xattrs, int selinux, int a
                        "tar",
                        dir, filter,
                        chown_supported ? "" : "--no-same-owner ",
-                       xattrs ? "--xattrs " : "",
+                       /* --xattrs-include=* is a workaround for a bug
+                        * in tar, and hopefully won't be required
+                        * forever.  See RHBZ#771927.
+                        */
+                       xattrs ? "--xattrs --xattrs-include='*' " : "",
                        selinux ? "--selinux " : "",
                        acls ? "--acls " : "",
                        error_file) == -1) {
-- 
2.18.4