pkg/archive: bail if setting xattrs is unsupported

Extended attributes are set on files in container images for a reason. Fail to unpack if extended attributes are present in a layer and setting the attributes on the unpacked files fails for any reason. Add an option to the vfs graph driver to opt into the old behaviour where ENOTSUPP and EPERM errors encountered when setting extended attributes are ignored. Make it abundantly clear to users and anyone triaging their bug reports that they are shooting themselves in the foot by enabling this option. Signed-off-by: Cory Snider <csnider@mirantis.com>
2026-01-11 18:51:37 +00:00 · 2023-05-09 13:52:30 -04:00
parent 0cdfd5f275
commit 6690d2969c
7 changed files with 147 additions and 18 deletions
--- a/daemon/info_unix.go
+++ b/daemon/info_unix.go
@@ -290,6 +290,15 @@ func fillDriverWarnings(v *types.Info) {
 			}
 			msg += "         Running without d_type support will not be supported in future releases."

+			v.Warnings = append(v.Warnings, msg)
+			continue
+		}
+		if pair[0] == "Extended file attributes" && pair[1] == "best-effort" {
+			msg := fmt.Sprintf("WARNING: %s: extended file attributes from container images "+
+				"will be silently discarded if the backing filesystem does not support them.\n"+
+				"         CONTAINERS MAY MALFUNCTION IF EXTENDED ATTRIBUTES ARE MISSING.\n"+
+				"         This is an UNSUPPORTABLE configuration for which no bug reports will be accepted.\n", v.Driver)
+
 			v.Warnings = append(v.Warnings, msg)
 			continue
 		}