[redhat-lspp] zip & unzip - restoring labels?

Russell Coker rcoker at redhat.com
Thu Oct 6 22:21:10 UTC 2005


On Thu, 2005-10-06 at 11:03 -0400, Stephen Smalley wrote:
> On Thu, 2005-10-06 at 10:01 -0500, Debora Velarde wrote:
> > Correct.  It seems as though the default behavior should be to act just as 
> > zip/unzip does now.
> > Restoring labels should be an option that must be explicitly passed in by 
> > the admin or user that has the authority to restore the labels.
> 
> Yes, agreed, and that is consistent with star I believe (you have to
> explicitly specify options to preserve attributes both on the creation
> side and on the extraction side).

Here is how star currently works in Fedora:

To create a star archive with xattr data (including SE Linux contexts):
star -xattr -H=exustar -c -f file.tar files

To extract an archive including xattrs:
star -x -f file.tar

Also in all aspects of its command-line interface star does not
distinguish between SE Linux contexts, ACLs, and user XATTRs.  In its
internal operation it has special-case handling for SE Linux contexts,
it uses /proc/self/attr/fscreate.

I'm not sure if it's even possible to use star to extract a star
archive in exustar format and not preserve xattrs.  It seems that if you
have an archive with SE Linux contexts and you don't want to apply them
on extraction then you use GNU tar (which has no support for XATTRs and
just ignores that data) to extract the archive.  If you use star to
extract a file which has SE Linux contexts that cannot be written by
the tar process then the file is skipped (but other files in the same
archive are created).

So I guess we need to revisit the star patch to add some more options.
Specifically we want to treat SE Linux contexts separately to other
xattrs and allow creation of archives with xattrs other than SE Linux
contexts as well as archive extraction that ignores the contexts.

Volunteers?
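
The separation asked for above, as an added example that is not part of the original message and not star's code: it uses Python's tarfile to read pax extended headers and plans which attributes an extractor would apply, returning SE Linux contexts only when explicitly requested. It assumes xattrs are stored as pax records under the SCHILY.xattr. prefix; the option names restore_contexts and restore_other_xattrs are hypothetical, and the archive is a constructed sample.

```python
import io
import tarfile

PAX_XATTR_PREFIX = "SCHILY.xattr."   # assumed pax keyword prefix for xattr records
SELINUX_XATTR = "security.selinux"   # xattr that carries the SE Linux context


def build_sample_archive():
    """Constructed sample: a pax archive whose members carry xattr records."""
    members = [
        ("etc/shadow", {"security.selinux": "system_u:object_r:shadow_t:s0"}),
        ("home/a/notes", {"security.selinux": "user_u:object_r:user_home_t:s0",
                          "user.comment": "draft"}),
        ("tmp/plain", {}),
    ]
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.PAX_FORMAT) as tar:
        for name, xattrs in members:
            info = tarfile.TarInfo(name)
            info.size = 1
            info.pax_headers = {PAX_XATTR_PREFIX + k: v for k, v in xattrs.items()}
            tar.addfile(info, io.BytesIO(b"x"))
    return buf.getvalue()


def plan_extraction(archive_bytes, restore_contexts=False, restore_other_xattrs=True):
    """Return {member: (context_or_None, other_xattrs)} to apply on extraction.

    Hypothetical options: contexts are ignored unless restore_contexts is True,
    and other xattrs can be kept or dropped independently of the contexts.
    """
    plan = {}
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r") as tar:
        for member in tar:
            context, others = None, {}
            for key, value in member.pax_headers.items():
                if not key.startswith(PAX_XATTR_PREFIX):
                    continue  # ordinary pax record (path, mtime, ...), not an xattr
                name = key[len(PAX_XATTR_PREFIX):]
                if name == SELINUX_XATTR:
                    if restore_contexts:
                        context = value
                elif restore_other_xattrs:
                    others[name] = value
            plan[member.name] = (context, others)
    return plan
```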