From 5dc2a1d3f0cfdb9c8815e816177186af230efa34 Mon Sep 17 00:00:00 2001
From: Nalin Dahyabhai <nalin@redhat.com>
Date: Thu, 26 Aug 2021 15:55:41 -0400
Subject: [PATCH] imagefactory_plugins.Docker: preserve security.capability
 xattrs

Default to preserving the "security.capability" xattr on files.  Other
extended attributes will continue to be ignored by default.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
---
 imagefactory_plugins/Docker/Docker.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/imagefactory_plugins/Docker/Docker.py b/imagefactory_plugins/Docker/Docker.py
index 68e12c3..f293bd3 100644
--- a/imagefactory_plugins/Docker/Docker.py
+++ b/imagefactory_plugins/Docker/Docker.py
@@ -329,7 +329,7 @@ def _run_guestmount(g):
             #        to allow selective inclusion is broken
             # TODO: Follow up with tar maintainers and docker image creators to find out what
             #       if any xattrs we really need to capture here
-            tarcmd = [ 'tar',  '-cf', builder.target_image.data, '-C', tempdir ]
+            tarcmd = [ 'tar',  '-cf', builder.target_image.data, '--xattrs', '--xattrs-include=security.capability', '-C', tempdir ]
             # User may pass in a comma separated list of additional options to the tar command
             tar_options = parameters.get('tar_options', None)
             if tar_options: