fedora-cloud / docker-brew-fedora

MIT License

Bug: xattr security.capability missing on docker image for shadow-utils #114

Open meeuw opened 6 months ago

meeuw commented 6 months ago

xattr security.capability missing on docker image.

How to reproduce:

Step 1, run image:

podman run --rm -ti fedora:39

Step 2, install attr (for getfattr below)

dnf install -y attr

Step 3, check xattrs for /usr/bin/newgidmap

getfattr -d -m - usr/bin/newgidmap

Expected result:

# file: usr/bin/newgidmap
security.capability=0sAQAAAkAAAAAAAAAAAAAAAAAAAAA=
security.selinux="system_u:object_r:container_file_t:s0:c375,c964"

Actual result:

# file: usr/bin/newgidmap
security.selinux="system_u:object_r:container_file_t:s0:c375,c964"

Work around:

dnf reinstall shadow-utils

meeuw commented 3 months ago

See also: https://github.com/containers/image_build/blob/c54b97d4f4cec53ca9754bb1fa57fd0f0005dd94/buildah/Containerfile#L37-L39
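To show what the missing attribute grants, the following added example (not code from the issue or from the project) decodes the `security.capability` value in the expected `getfattr` output above according to the kernel's `vfs_cap_data` layout. The function names and the `CAP_NAMES` subset are choices made for this example.

```python
import base64
import struct

# Constants from linux/capability.h
VFS_CAP_REVISION_MASK = 0xFF000000
VFS_CAP_FLAGS_EFFECTIVE = 0x000001
VFS_CAP_REVISIONS = {0x01000000: 1, 0x02000000: 2, 0x03000000: 3}
CAP_NAMES = {0: "cap_chown", 6: "cap_setgid", 7: "cap_setuid"}  # subset only
# getfattr output quoted in the issue (expected vs. actual)
EXPECTED = ("# file: usr/bin/newgidmap\n"
            "security.capability=0sAQAAAkAAAAAAAAAAAAAAAAAAAAA=\n"
            'security.selinux="system_u:object_r:container_file_t:s0:c375,c964"\n')
ACTUAL = ("# file: usr/bin/newgidmap\n"
          'security.selinux="system_u:object_r:container_file_t:s0:c375,c964"\n')


def decode_value(text):
    """getfattr encodes binary values as 0s<base64> or 0x<hex>."""
    if text.startswith("0s"):
        return base64.b64decode(text[2:])
    if text.startswith("0x"):
        return bytes.fromhex(text[2:])
    raise ValueError("security.capability should be binary-encoded")


def bit_names(mask):
    return [CAP_NAMES.get(b, f"cap_{b}") for b in range(64) if mask >> b & 1]


def parse_vfs_cap(raw):
    """Parse struct vfs_cap_data / vfs_ns_cap_data (little-endian u32 fields)."""
    (magic,) = struct.unpack_from("<I", raw, 0)
    rev = VFS_CAP_REVISIONS.get(magic & VFS_CAP_REVISION_MASK)
    words = 1 if rev == 1 else 2
    if rev is None or len(raw) != 4 + 8 * words + (4 if rev == 3 else 0):
        raise ValueError(f"bad security.capability: magic_etc={magic:#x}, {len(raw)} bytes")
    fields = struct.unpack_from(f"<{2 * words}I", raw, 4)
    permitted = sum(fields[2 * i] << (32 * i) for i in range(words))
    inheritable = sum(fields[2 * i + 1] << (32 * i) for i in range(words))
    return {"revision": rev, "effective": bool(magic & VFS_CAP_FLAGS_EFFECTIVE),
            "permitted": bit_names(permitted), "inheritable": bit_names(inheritable)}


def file_caps(getfattr_output):
    """Return the parsed security.capability from `getfattr -d` output, or None."""
    for line in getfattr_output.splitlines():
        key, sep, value = line.partition("=")
        if sep and key == "security.capability":
            return parse_vfs_cap(decode_value(value))
    return None
```

`file_caps(EXPECTED)` reports a revision 2 attribute with `cap_setgid` permitted and the effective flag set, while `file_caps(ACTUAL)` returns `None`, meaning the binary in the image carries no file capabilities at all.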