xattr security.capability missing on docker image.
How to reproduce:
Step 1, run image:
podman run --rm -ti fedora:39
Step 2, install attr (for getfattr below)
dnf install -y attr
Step 3, check xattrs for /usr/bin/newgidmap
getfattr -d -m - usr/bin/newgidmap
Expected result:
# file: usr/bin/newgidmap
security.capability=0sAQAAAkAAAAAAAAAAAAAAAAAAAAA=
security.selinux="system_u:object_r:container_file_t:s0:c375,c964"
Actual result:
# file: usr/bin/newgidmap
security.selinux="system_u:object_r:container_file_t:s0:c375,c964"
Work around:
dnf reinstall shadow-utils
xattr security.capability missing on docker image.
How to reproduce:
Step 1, run image:
podman run --rm -ti fedora:39Step 2, install
attr(forgetfattrbelow)dnf install -y attrStep 3, check xattrs for
/usr/bin/newgidmapExpected result:
Actual result:
Work around: