Package: fakeroot Version: 1.38.1-1 Severity: important X-Debbugs-Cc: [email protected]
Dear Maintainer, I am an Arch Linux user and I confirmed that the following bug applies to the latest fakeroot source code. This is a regression bug introduced by commit 9613bbb4, which pass through flistxattr syscall to underlying file system even though some xattr is set up in fakeroot container. I attached a script to demonstrate the issue: when packaging software, packaging helper may setcap on a file in container, which is emulated; getcap on that file is OK, due to fakeroot emulation filters user xattrs, so capabilities are emulated correctly and getcap can print the cap set. However, flistxattr is not filtered and returns immediately if underlying file system xattr query does not fail, leading to capabilities drop. If the problem exists, y.tar does not contain PaxHeader/y at the header as no xattr is found. I think fakeroot should fall back to emulate xattrs if the underlying file in file system does not contain any xattr? -- Script to reproduce: #!/bin/sh id mkdir -p /tmp/tst-setcap cd /tmp/tst-setcap touch y chmod +x y setcap cap_net_admin,cap_net_raw+ep y getcap y bsdtar -cvaf y.tar y xxd y.tar | head -- System Information: This bug is observed in downstream distribution: Arch Linux uname: Linux aRchOG 7.0.5-arch1-1-g14 #1 SMP PREEMPT_DYNAMIC Wed, 13 May 2026 18:07:58 +0000 x86_64 GNU/Linux Downstream package version: core/fakeroot: 1.38.1-1
