When ${D} and ${ROOT} are on different filesystems, then 'if renamefailed:' branch in pym/portage/util/movefile.py is used: https://gitweb.gentoo.org/proj/portage.git/tree/pym/portage/util/movefile.py?id=e43f6c583ed9205abbdcb11340c81d7dd97ccc11#n268 _copyxattr() is called before _apply_stat(). _apply_stat() calls _os.chown(): https://gitweb.gentoo.org/proj/portage.git/tree/pym/portage/util/movefile.py?id=e43f6c583ed9205abbdcb11340c81d7dd97ccc11#n28 os.chown() or /bin/chown deletes security.capability extended attribute: # touch /tmp/test # setfattr -n security.capability -v 0sAQAAAgAAgAAAAAAAAAAAAAAAAAA= /tmp/test # getfattr -d -m - --absolute-names /tmp/test | grep -v "#.*" security.capability=0sAQAAAgAAgAAAAAAAAAAAAAAAAAA= # chown 0 /tmp/test # getfattr -d -m - --absolute-names /tmp/test | grep -v "#.*" # setfattr -n security.capability -v 0sAQAAAgAAgAAAAAAAAAAAAAAAAAA= /tmp/test # getfattr -d -m - --absolute-names /tmp/test | grep -v "#.*" security.capability=0sAQAAAgAAgAAAAAAAAAAAAAAAAAA= # python -c 'import os; os.chown("/tmp/test", 0, 0)' # getfattr -d -m - --absolute-names /tmp/test | grep -v "#.*" # The solution is maybe to copy extended attributes after _apply_stat().
Created attachment 522246 [details, diff] Patch
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/proj/portage.git/commit/?id=ad72389ed8067d740dd0e3f975a33f0c1cbfd8b5 commit ad72389ed8067d740dd0e3f975a33f0c1cbfd8b5 Author: Arfrever Frehtes Taifersar Arahesis <Arfrever@Apache.Org> AuthorDate: 2018-03-04 02:25:34 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2018-03-04 02:37:09 +0000 movefile: Fix preservation of security.capability xattr Call _apply_stat() before copying extended attributes, because _apply_stat() calls os.chown() which results in deleting security.capability extended attribute. Bug: https://bugs.gentoo.org/649418 pym/portage/util/movefile.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)}
Thanks!
Fixed in portage-2.3.40-r1.