Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support xattrs #853

Merged
merged 1 commit into from
Oct 6, 2023
Merged

Support xattrs #853

merged 1 commit into from
Oct 6, 2023

Conversation

Kern--
Copy link
Contributor

@Kern-- Kern-- commented Oct 2, 2023

Issue #, if available:

Fixes #812

Description of changes:
Before this change, SOCI stored all PAX header records as linux xattrs. PAX header records are a generic key-value pair for TAR files, not specifically linux xattrs. While go does support linux xattrs by prefixing them with SCHILY.xattr, since we didn't parse them back to linux xattrs, they did not behave correctly with SOCI. The most likely way users would experience this is that file capabilities don't work with SOCI.

This change keeps all PAX header records in the ztoc format, but parses out just the linux xattrs without the prefix when creating the filesystem metadata from a ztoc.

Docker, buildkit, buildah/podman, and kaniko all use the go tarHeader.Xattrs to add xattrs which uses the SCHILY.xattr. prefix. While there are technically other ways to encode xattrs (e.g. LIBARCHIVE.xattr.) it doesn't seem common.

Testing performed:
make check && make test && make integration

I also re-performed the security capability test from #812 to verify that it works with SOCI now.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Before this change, SOCI stored all PAX header records as linux xattrs.
PAX header records are a generic key-value pair for TAR files, not
specifically linux xattrs. While go does support linux xattrs by
prefixing them with SCHILY.xattr, since we didn't parse them back to
linux xattrs, they did not behave correctly with SOCI. The most likely
way users would experience this is that file capabilities don't work
with SOCI.

This change keeps all PAX header records in the ztoc format, but parses
out just the linux xattrs without the prefix when creating the
filesystem metadata from a ztoc.

Docker, buildkit, buildah/podman, and kaniko all use the go
tarHeader.Xattrs to add xattrs which uses the `SCHILY.xattr.` prefix.
While there are technically other ways to encode xattrs (e.g.
`LIBARCHIVE.xattr.`) it doesn't seem common.

Signed-off-by: Kern Walster <[email protected]>
@Kern-- Kern-- requested a review from a team as a code owner October 2, 2023 22:58
ztoc/fbs/ztoc.fbs Show resolved Hide resolved
@Kern-- Kern-- merged commit b5c2e7a into awslabs:main Oct 6, 2023
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[Bug] Xattrs don't work
3 participants