== preserve file capabilities ==
=== Rationale ===
Filesystem capabilities aren't properly restored during unsquashfs. This 
effectively prevents any LXD image from containing file capabilities and breaks 
basic tools like mtr in recent images.

=== Testcase ===
For the fscaps part, the easiest way is to grab the latest cosmic cloud image from:
http://cloud-images.ubuntu.com/cosmic/current/cosmic-server-cloudimg-amd64.squashfs

Then unsquashfs as root and check if "/usr/bin/mtr-packet" shows a
capability when running "getcap".

=== Regression potential ===
Minimal. We're syncing to the exact same source and patches as we've got in 
bionic and cosmic. The patch is also trivial and "obviously right". The issue 
is that the kernel will strip capabilities during chown() and unsquashfs was 
restoring capabilities before calling chown(). This patch simply re-orders it so 
that capabilities are applied after ownership.
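
The ordering described above and the getcap check from the testcase, as an added Python sketch (not code from squashfs-tools or from this bug report). `restore_metadata`, `file_caps`, `decode_vfs_cap` and the `SAMPLE` bytes are hypothetical names and constructed data; the xattr layout follows the kernel's `struct vfs_cap_data`.

```python
import os
import struct

VFS_CAP_REVISION_MASK = 0xFF000000
VFS_CAP_FLAGS_EFFECTIVE = 0x000001
# revision -> number of 32-bit (permitted, inheritable) pairs; v3 appends a rootid
PAIRS = {0x01000000: 1, 0x02000000: 2, 0x03000000: 2}
CAP_NAMES = {12: "cap_net_admin", 13: "cap_net_raw"}  # subset of linux/capability.h
# Constructed sample: xattr bytes equivalent to "cap_net_raw+ep" (revision 2).
SAMPLE = struct.pack("<IIIII", 0x02000001, 1 << 13, 0, 0, 0)


def names(mask):
    return [CAP_NAMES.get(b, "cap_%d" % b) for b in range(64) if mask >> b & 1]


def decode_vfs_cap(blob):
    """Decode a security.capability xattr value (struct vfs_cap_data)."""
    if len(blob) < 4:
        raise ValueError("truncated capability xattr")
    (magic,) = struct.unpack_from("<I", blob, 0)
    n = PAIRS.get(magic & VFS_CAP_REVISION_MASK)
    if n is None or len(blob) < 4 + 8 * n:
        raise ValueError("unknown revision or truncated xattr")
    permitted = inheritable = 0
    for i in range(n):
        p, inh = struct.unpack_from("<II", blob, 4 + 8 * i)
        permitted |= p << (32 * i)
        inheritable |= inh << (32 * i)
    return {"permitted": names(permitted), "inheritable": names(inheritable),
            "effective": bool(magic & VFS_CAP_FLAGS_EFFECTIVE)}


def file_caps(path):
    """Decoded file capabilities of path, or None when the xattr is absent."""
    try:
        raw = os.getxattr(path, "security.capability", follow_symlinks=False)
    except OSError:
        return None
    return decode_vfs_cap(raw)


def restore_metadata(path, uid, gid, cap_blob):
    """Ownership first, capabilities last (needs root / CAP_SETFCAP)."""
    os.lchown(path, uid, gid)  # the kernel strips security.capability here
    os.setxattr(path, "security.capability", cap_blob, follow_symlinks=False)
    return file_caps(path)
```

After extracting the image as root, `file_caps("squashfs-root/usr/bin/mtr-packet")` returning `None` reproduces the bug; a decoded capability set means the ordering is correct.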

https://bugs.launchpad.net/bugs/1785499

Title:
  Make squashfs-tools in Xenial in sync with Bionic and Cosmic