This bosh-release untars and retars the rootFS to update ca certs, but in the process did not preserve xattr information.
With this commit, on tar operations xattr attributes are preserved which are required for linux file capabilities[1].
The issue was found while investigating why newer versions of the iputils-ping that rely on capabilities (instead of setuid in older versions) weren't working as expected.
This change along with a similar change in garden[2] fixes the ping issue on CF. The setuid workaround[3] is not required anymore.
This bosh-release untars and retars the rootFS to update ca certs, but in the process did not preserve xattr information.
With this commit, on tar operations xattr attributes are preserved which are required for linux file capabilities[1]. The issue was found while investigating why newer versions of the iputils-ping that rely on capabilities (instead of setuid in older versions) weren't working as expected.
This change along with a similar change in garden[2] fixes the ping issue on CF. The setuid workaround[3] is not required anymore.
Also see discussion https://cloudfoundry.slack.com/archives/C033RE5D6/p1694194745658319 Older related PR: https://github.com/cloudfoundry/cflinuxfs4-release/pull/4