package: fai version: 5.2 Currently, the sample configuration namespace has a shell script to restore the common capabilities found in base files; see scripts/DEBIAN/20-capabilities.
This approach is brittle because as new packages in the base system gain capabilities, everyone's configuration space needs to be updated. tar does support saving and restoring capabilities. If base file tars are created using tar --xattrs --xattrs-include=security.capability -cf blah blah and restored with tar -xf filename --xattrs --xattrs-include=security.capability Then capabilities are directly preserved. I understand that you may want to preserve the script in the configuration space because you cannot guarantee how people create base files. However for restore of base files, please include the xattrs options.