AgentD / squashfs-tools-ng

A new set of tools and libraries for working with SquashFS images

tar2sqfs loses security capabilities #32

Closed bdrung closed 4 years ago

bdrung commented 4 years ago

When converting a tarball to squashfs, the security capabilities from the tarball are lost. Debian's and Ubuntu's ping uses capabilities to allow users to run ping:

$ getcap /bin/ping
/bin/ping = cap_net_raw+ep

Steps to reproduce:

$ mmdebstrap -v buster root.tar
$ tar2sqfs -q --no-skip -c xz -b 1048576 root.sqfs < root.tar
$ rdsquashfs -x /bin/ping root.sqfs
security.capability=

Tested with latest git HEAD of squashfs-tools-ng.

AgentD commented 4 years ago

Thanks for testing and reporting this!

It should be solved with commit 262fc48eb9e246ddb7315f5a14e7f6f58ca987c1

Basically the tar parser treated SCHILY.xattr key/value pairs as ASCII strings. Since the value for the capabilities field is binary, it begins with a null-byte and was treated as an empty string.

I did the following to test that my fix works:

tar cf test.tar --xattrs /bin/ping
tar2sqfs test.sqfs < test.tar
sqfs2tar test.sqfs > test2.tar

I then compared the PAX headers in test.tar and test2.tar using a hex editor and saw that the xattrs in the tarballs are identical. I also mounted test.sqfs and checked the capabilities using getcap and it reported the same for ping inside the SquashFS as for the one on my system.

Furthermore, in commit 76e9644ba9e7ce3535eb72ab041ac3be8486c22c I modified rdsquashfs -x to print a hexdump if the key or value of an xattr is not a printable ASCII or UTF-8 string, which now gives me this on my system:

rdsquashfs -x /bin/ping test.sqfs 
security.capability=0x0000000200300000000000000000000000000000
security.selinux=system_u:object_r:ping_exec_t:s0

I have not added test cases for this yet, but will.
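
The failure mode described in this comment, as an added example that is not part of the thread and not the project's code: a PAX record carries its own length, so a parser can take the value length from that prefix instead of stopping at the first NUL. The function names and the constructed sample record (built from the `security.capability` hexdump above) are assumptions for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: one PAX record "<len> <key>=<value>\n" carrying the
 * 20-byte security.capability value that rdsquashfs prints in the thread. */
static const char KEY[] = "SCHILY.xattr.security.capability";
static const unsigned char SAMPLE[] =
    "57 SCHILY.xattr.security.capability="
    "\x00\x00\x00\x02\x00\x30\x00\x00\x00\x00\x00\x00"
    "\x00\x00\x00\x00\x00\x00\x00\x00\n";

/* <len> counts the whole record, so the value length is derived from it and
 * NUL bytes in the value are kept. Returns that length, or -1 if malformed. */
static long pax_value(const unsigned char *rec, size_t avail,
                      const char *key, const unsigned char **val)
{
    size_t len = 0, i = 0, klen = strlen(key);
    while (i < avail && rec[i] >= '0' && rec[i] <= '9') {
        len = len * 10 + (size_t)(rec[i++] - '0');
        if (len > avail) return -1;          /* also stops overflow */
    }
    if (i == 0 || i >= avail || rec[i++] != ' ') return -1;
    if (len < i + klen + 2) return -1;       /* key, '=' and '\n' must fit */
    if (memcmp(rec + i, key, klen) != 0 || rec[i + klen] != '=') return -1;
    if (rec[len - 1] != '\n') return -1;
    *val = rec + i + klen + 1;
    return (long)(len - (i + klen + 1) - 1);
}

/* What a string-based parser sees: the value ends at its first NUL byte. */
static long pax_value_as_cstring(const unsigned char *rec, size_t avail,
                                 const char *key)
{
    const unsigned char *val, *nul;
    long n = pax_value(rec, avail, key, &val);
    if (n <= 0) return n;
    nul = memchr(val, 0, (size_t)n);
    return nul ? (long)(nul - val) : n;
}

int main(void)
{
    const unsigned char *val;
    size_t avail = sizeof(SAMPLE) - 1;       /* drop the literal's final NUL */
    printf("length from record: %ld\n", pax_value(SAMPLE, avail, KEY, &val));
    printf("length as C string: %ld\n", pax_value_as_cstring(SAMPLE, avail, KEY));
    return 0;
}
```

An empty `security.capability=` after a round trip, as in the original report, is the symptom to check for on any image built from a tarball with file capabilities.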

bdrung commented 4 years ago

I tested the latest git HEAD and it works now. Thanks.

tests/cantrbry.sh and tests/test_tar_sqfs.sh failed with sha512sum complaining about mismatched checksums.