configure.ac    |   20 ++-

 doc/tar.texi    |   75 +++++++++

 src/Makefile.am |    7 +-

 src/common.h    |   18 ++

 src/create.c    |   54 ++++++-

 src/extract.c   |  123 ++++++++++++++

 src/list.c      |    7 +

 src/tar.c       |   80 +++++++++-

 src/tar.h       |   20 +++

 src/xattrs.c    |  489 +++++++++++++++++++++++++++++++++++++++++++++++++++++++

 src/xattrs.h    |   14 ++

 src/xheader.c   |  237 +++++++++++++++++++++++----

 12 files changed, 1103 insertions(+), 41 deletions(-)

diff -urNp tar-1.24-orig/configure.ac tar-1.24/configure.ac

--- tar-1.24-orig/configure.ac	2010-10-24 23:35:35.000000000 +0200

+++ tar-1.24/configure.ac	2010-10-25 10:24:52.548214037 +0200

@@ -44,7 +44,7 @@ AC_CHECK_HEADERS_ONCE(fcntl.h linux/fd.h

   sys/param.h sys/device.h sys/gentape.h \

   sys/inet.h sys/io/trioctl.h \

   sys/mtio.h sys/time.h sys/tprintf.h sys/tape.h \

-  unistd.h locale.h)

+  unistd.h locale.h attr/xattr.h sys/acl.h)

 AC_CHECK_HEADERS([sys/buf.h], [], [],

 [#if HAVE_SYS_PARAM_H

@@ -91,6 +91,12 @@ gl_INIT

 tar_PAXUTILS

 AC_CHECK_FUNCS_ONCE([fchmod fchown fsync lstat mkfifo readlink symlink])

+AC_CHECK_FUNCS(getxattr  fgetxattr  lgetxattr \

+               setxattr  fsetxattr  lsetxattr \

+               listxattr flistxattr llistxattr,

+               AC_DEFINE(HAVE_XATTRS,,[Define if we have a working extended attributes]),)

+AC_CHECK_LIB(acl, acl_get_fd)

+

 AC_CHECK_DECLS([getgrgid],,, [#include <grp.h>])

 AC_CHECK_DECLS([getpwuid],,, [#include <pwd.h>])

 AC_CHECK_DECLS([time],,, [#include <time.h>])

@@ -214,6 +220,7 @@ AC_DEFINE_UNQUOTED(DEFAULT_QUOTING_STYLE

 # Iconv

 AM_ICONV

 AC_CHECK_HEADERS(iconv.h)

+AC_CHECK_HEADERS(attr/xattr.h)

 AC_CHECK_TYPE(iconv_t,:,

               AC_DEFINE(iconv_t, int,

                         [Conversion descriptor type]),

@@ -223,6 +230,17 @@ AC_CHECK_TYPE(iconv_t,:,

 #endif

 ])

+AC_ARG_ENABLE(selinux,

+  AC_HELP_STRING([--enable-selinux],

+    [enable SELinux support (disabled by default)]),

+  [selinux_enabled=$enableval],

+  [selinux_enabled=no])

+

+if test "x$selinux_enabled" = xyes; then

+  AC_CHECK_LIB(selinux, getfilecon)

+  AC_CHECK_HEADERS(selinux/selinux.h)

+fi

+

 # Gettext.

 AM_GNU_GETTEXT([external], [need-formatstring-macros])

 AM_GNU_GETTEXT_VERSION([0.16])

diff -urNp tar-1.24-orig/doc/tar.texi tar-1.24/doc/tar.texi

--- tar-1.24-orig/doc/tar.texi	2010-10-24 20:07:54.000000000 +0200

+++ tar-1.24/doc/tar.texi	2010-10-25 10:24:52.554213688 +0200

@@ -2370,6 +2370,10 @@ Normally when creating an archive, @comm

 @samp{/} from member names.  This option disables that behavior.

 @xref{absolute}.

+@opsummary{acl}

+@item --acls

+Causes @command{tar} to store ACL's.  @xref{Attributes}.

+

 @opsummary{after-date}

 @item --after-date

@@ -2914,6 +2918,10 @@ contents have changed (as opposed to just @option{--newer}, which will

 also back up files for which any status information has

 changed).  @xref{after}.

+@opsummary{no-acl}

+@item --no-acls

+Causes @command{tar} not to store and not to extract ACL's.  @xref{Attributes}.

+

 @opsummary{no-anchored}

 @item --no-anchored

 An exclude pattern can match any subsequence of the name's components.

@@ -2997,11 +3005,21 @@ locations.  Usually @command{tar} determines automatically whether

 the archive can be seeked or not.  Use this option to disable this

 mechanism.

+@opsummary{no-selinux}

+@item --no-selinux

+Causes @command{tar} not to store and not to extract SELinux security context.

+@xref{Attributes}.

+

 @opsummary{no-unquote}

 @item --no-unquote

 Treat all input file or member names literally, do not interpret

 escape sequences.  @xref{input name quoting}.

+@opsummary{no-xattrs}

+@item --no-xattrs

+Causes @command{tar} not to store and not to extract xattrs. This option also

+enables @option{--no-selinux} and @option{--no-acls}.  @xref{Attributes}.

+

 @opsummary{no-wildcards}

 @item --no-wildcards

 Do not use wildcards.

@@ -3234,6 +3252,11 @@ in cases when such recognition fails.  It takes effect only if the

 archive is open for reading (e.g. with @option{--list} or

 @option{--extract} options).

+@opsummary{selinux}

+@item --selinux

+Causes @command{tar} to store SElinux security context.  @xref{Attributes}.

+

+

 @opsummary{show-defaults}

 @item --show-defaults

@@ -3447,6 +3470,11 @@ Enable or disable warning messages identified by @var{keyword}.  The

 messages are suppressed if @var{keyword} is prefixed with @samp{no-}.

 @xref{warnings}.

+@opsummary{xattrs}

+@item --xattrs

+Causes @command{tar} to store xattrs. This option also enables

+@option{--selinux} and @option{--acls}.  @xref{Attributes}.

+

 @opsummary{wildcards}

 @item --wildcards

 Use wildcards when matching member names with patterns.

@@ -8659,6 +8687,8 @@ implementation able to read @samp{ustar} archives will be able to read

 most @samp{posix} archives as well, with the only exception that any

 additional information (such as long file names etc.) will in such

 case be extracted as plain text files along with the files it refers to.

+This is the only format that can store ACLs, SELinux context and extended

+attributes.

 This archive format will be the default format for future versions

 of @GNUTAR{}.

@@ -9293,6 +9323,51 @@ Same as both @option{--same-permissions} and @option{--same-order}.

 This option is deprecated, and will be removed in @GNUTAR{} version 1.23.

+@opindex acls

+@item --acls

+This option causes @command{tar} to store the current ACL in the archive.

+

+The @option{--acls} option has no equivalent short option name.

+

+@opindex selinux

+@item --selinux

+This option causes @command{tar} to store the current SELinux security context

+information in the archive.

+

+The @option{--selinux} option has no equivalent short option name.

+

+@opindex xattrs

+@item --xattrs

+This option causes @command{tar} to store the current extended attributes in

+the archive. This option also enables @option{--acls} and @option{--selinux} if

+they haven't been set already.

+

+The @option{--xattrs} option has no equivalent short option name.

+

+@opindex no-acls

+@item --no-acls

+This option causes @command{tar} not to store the current ACL in the archive

+and not to extract any ACL information in an archive.

+

+The @option{--no-acls} option has no equivalent short option name.

+

+@opindex no-selinux

+@item --no-selinux

+This option causes @command{tar} not to store the current SELinux security

+context information in the archive and not to extract any SELinux information in

+an archive.

+

+The @option{--no-selinux} option has no equivalent short option name.

+

+@opindex no-xattrs

+@item --no-xattrs

+This option causes @command{tar} not to store the current extended attributes in

+the archive and not to extract any extended attributes in an archive. This

+option also enables @option{--no-acls} and @option{--no-selinux} if

+they haven't been set already.

+

+The @option{--no-xattrs} option has no equivalent short option name.

+

 @end table

 @node Portability

diff -urNp tar-1.24-orig/src/common.h tar-1.24/src/common.h

--- tar-1.24-orig/src/common.h	2010-10-24 20:07:54.000000000 +0200

+++ tar-1.24/src/common.h	2010-10-25 10:24:52.558475456 +0200

@@ -253,6 +253,15 @@ GLOBAL int same_owner_option;

 /* If positive, preserve permissions when extracting.  */

 GLOBAL int same_permissions_option;

+/* If positive, save the SELinux context.  */

+GLOBAL int selinux_context_option;

+

+/* If positive, save the ACLs.  */

+GLOBAL int acls_option;

+

+/* If positive, save the user and root xattrs.  */

+GLOBAL int xattrs_option;

+

 /* When set, strip the given number of file name components from the file name

    before extracting */

 GLOBAL size_t strip_name_components;

@@ -707,6 +716,9 @@ extern char *output_start;

 void update_archive (void);

+/* Module attrs.c.  */

+#include "xattrs.h"

+

 /* Module xheader.c.  */

 void xheader_decode (struct tar_stat_info *stat);

@@ -727,6 +739,12 @@ bool xheader_string_end (struct xheader *xhdr, char const *keyword);

 bool xheader_keyword_deleted_p (const char *kw);

 char *xheader_format_name (struct tar_stat_info *st, const char *fmt,

 			   size_t n);

+void xheader_xattr_init(struct tar_stat_info *st);

+void xheader_xattr_free(struct xattr_array *vals, size_t sz);

+void xheader_xattr_copy(const struct tar_stat_info *st,

+                        struct xattr_array **vals, size_t *sz);

+void xheader_xattr_add(struct tar_stat_info *st,

+                       const char *key, const char *val, size_t len);

 /* Module system.c */

diff -urNp tar-1.24-orig/src/create.c tar-1.24/src/create.c

--- tar-1.24-orig/src/create.c	2010-10-24 20:07:54.000000000 +0200

+++ tar-1.24/src/create.c	2010-10-25 10:24:52.560213618 +0200

@@ -24,6 +24,7 @@

 #include <quotearg.h>

 #include "common.h"

+

 #include <hash.h>

 /* Error number to use when an impostor is discovered.

@@ -936,6 +937,30 @@ start_header (struct tar_stat_info *st)

       GNAME_TO_CHARS (st->gname, header->header.gname);

     }

+  if (archive_format == POSIX_FORMAT)

+    {

+      if (acls_option > 0)

+        {

+          if (st->acls_a_ptr)

+            xheader_store ("SCHILY.acl.access", st, NULL);

+          if (st->acls_d_ptr)

+            xheader_store ("SCHILY.acl.default", st, NULL);

+        }

+      if ((selinux_context_option > 0) && st->cntx_name)

+        xheader_store ("RHT.security.selinux", st, NULL);

+      if (xattrs_option > 0)

+        {

+          size_t scan_xattr = 0;

+          struct xattr_array *xattr_map = st->xattr_map;

+

+          while (scan_xattr < st->xattr_map_size)

+            {

+              xheader_store (xattr_map[scan_xattr].xkey, st, &scan_xattr);

+              ++scan_xattr;

+            }

+        }

+    }

+

   return header;

 }

@@ -1710,6 +1735,14 @@ dump_file0 (struct tar_stat_info *st, char const *name, char const *p)

     {

       bool ok;

       struct stat final_stat;

+      int fd_xattr = fd;

+      if (!fd_xattr)

+	// upstream tar now uses zero fd as "no fd"

+	fd_xattr = -1;

+

+      xattrs_acls_get(st, p, fd_xattr, !is_dir);

+      xattrs_selinux_get(st, p, fd_xattr);

+      xattrs_xattrs_get(st, p, fd_xattr);

       if (is_dir)

 	{

@@ -1829,6 +1862,9 @@ dump_file0 (struct tar_stat_info *st, char const *name, char const *p)

       if (NAME_FIELD_SIZE - (archive_format == OLDGNU_FORMAT) < size)

 	write_long_link (st);

+      xattrs_selinux_get(st, p, -1);

+      xattrs_xattrs_get(st, p, -1);

+

       block_ordinal = current_block_ordinal ();

       st->stat.st_size = 0;	/* force 0 size on symlink */

       header = start_header (st);

@@ -1847,11 +1883,23 @@ dump_file0 (struct tar_stat_info *st, char const *name, char const *p)

     }

 #endif

   else if (S_ISCHR (st->stat.st_mode))

-    type = CHRTYPE;

+    {

+      type = CHRTYPE;

+      xattrs_selinux_get(st, p, -1);

+      xattrs_xattrs_get(st, p, -1);

+    }

   else if (S_ISBLK (st->stat.st_mode))

-    type = BLKTYPE;

+    {

+      type = BLKTYPE;

+      xattrs_selinux_get(st, p, -1);

+      xattrs_xattrs_get(st, p, -1);

+    }

   else if (S_ISFIFO (st->stat.st_mode))

-    type = FIFOTYPE;

+    {

+      type = FIFOTYPE;

+      xattrs_selinux_get(st, p, -1);

+      xattrs_xattrs_get(st, p, -1);

+    }

   else if (S_ISSOCK (st->stat.st_mode))

     {

       WARNOPT (WARN_FILE_IGNORED,

diff -urNp tar-1.24-orig/src/extract.c tar-1.24/src/extract.c

--- tar-1.24-orig/src/extract.c	2010-10-24 20:07:54.000000000 +0200

+++ tar-1.24/src/extract.c	2010-10-25 10:35:10.903214037 +0200

@@ -97,6 +97,14 @@ struct delayed_set_stat

     /* Directory that the name is relative to.  */

     int change_dir;

+    /* extended attributes*/

+    char *cntx_name;

+    char *acls_a_ptr;

+    size_t acls_a_len;

+    char *acls_d_ptr;

+    size_t acls_d_len;

+    size_t xattr_map_size;   /* Size of the xattr map */

+    struct xattr_array *xattr_map;

     /* Length and contents of name.  */

     size_t file_name_len;

     char file_name[1];

@@ -134,6 +142,18 @@ struct delayed_link

        hard-linked together.  */

     struct string_list *sources;

+    /* SELinux context */

+    char *cntx_name;

+

+    /* ACLs */

+    char *acls_a_ptr;

+    size_t acls_a_len;

+    char *acls_d_ptr;

+    size_t acls_d_len;

+

+    size_t xattr_map_size;   /* Size of the xattr map */

+    struct xattr_array *xattr_map;

+

     /* The desired target of the desired link.  */

     char target[1];

   };

@@ -335,6 +355,10 @@ set_stat (char const *file_name,

 	utime_error (file_name);

     }

+  xattrs_acls_set(st, file_name, typeflag);

+  xattrs_selinux_set(st, file_name, typeflag);

+  xattrs_xattrs_set(st, file_name, typeflag);

+

   if (0 < same_owner_option && ! interdir)

     {

       /* Some systems allow non-root users to give files away.  Once this

@@ -431,6 +455,36 @@ delay_set_stat (char const *file_name, s

   data->atflag = atflag;

   data->after_links = 0;

   data->change_dir = chdir_current;

+  data->cntx_name = NULL;

+  if (st)

+    assign_string (&data->cntx_name, st->cntx_name);

+  if (st && st->acls_a_ptr)

+    {

+      data->acls_a_ptr = xmemdup(st->acls_a_ptr, st->acls_a_len + 1);

+      data->acls_a_len = st->acls_a_len;

+    }

+  else

+    {

+      data->acls_a_ptr = NULL;

+      data->acls_a_len = 0;

+    }

+  if (st && st->acls_d_ptr)

+    {

+      data->acls_d_ptr = xmemdup(st->acls_d_ptr, st->acls_d_len + 1);

+      data->acls_d_len = st->acls_d_len;

+    }

+  else

+    {

+      data->acls_d_ptr = NULL;

+      data->acls_d_len = 0;

+    }

+  if (st)

+    xheader_xattr_copy (st, &data->xattr_map, &data->xattr_map_size);

+  else

+    {

+      data->xattr_map = NULL;

+      data->xattr_map_size = 0;

+    }

   strcpy (data->file_name, file_name);

   delayed_set_stat_head = data;

   if (must_be_dot_or_slash (file_name))

@@ -673,6 +727,31 @@ maybe_recoverable (char *file_name, bool regular, bool *interdir_made)

   return RECOVER_NO;

 }

+/* Restore stat extended attributes (xattr) for FILE_NAME, using information

+   given in *ST.  Restore before extraction because they may affect layout.

+   If not restoring permissions, invert the

+   INVERT_PERMISSIONS bits from the file's current permissions.

+   TYPEFLAG specifies the type of the file.

+   FILE_CREATED indicates set_xattr has created the file */

+static int

+set_xattr (char const *file_name, struct tar_stat_info const *st,

+	   mode_t invert_permissions, char typeflag, int *file_created)

+{

+  int status = 0;

+  bool interdir_made = false;

+

+  if ((xattrs_option >= 0) && st->xattr_map_size) {

+    mode_t mode = current_stat_info.stat.st_mode & MODE_RWX & ~ current_umask;

+

+    do

+      status = mknod (file_name, mode ^ invert_permissions, 0);

+    while (status && maybe_recoverable ((char *)file_name, false, &interdir_made));

+    xattrs_xattrs_set(st, file_name, typeflag);

+    *file_created = 1;

+  }

+  return(status);

+}

+

 /* Fix the statuses of all directories whose statuses need fixing, and

    which are not ancestors of FILE_NAME.  If AFTER_LINKS is

    nonzero, do this for all such directories; otherwise, stop at the

@@ -733,12 +812,23 @@ apply_nonancestor_delayed_set_stat (char const *file_name, bool after_links)

 	  sb.stat.st_gid = data->gid;

 	  sb.atime = data->atime;

 	  sb.mtime = data->mtime;

+	  sb.cntx_name = data->cntx_name;

+	  sb.acls_a_ptr = data->acls_a_ptr;

+	  sb.acls_a_len = data->acls_a_len;

+	  sb.acls_d_ptr = data->acls_d_ptr;

+	  sb.acls_d_len = data->acls_d_len;

+	  sb.xattr_map = data->xattr_map;

+	  sb.xattr_map_size = data->xattr_map_size;

 	  set_stat (data->file_name, &sb,

 		    -1, current_mode, current_mode_mask,

 		    DIRTYPE, data->interdir, data->atflag);

 	}

       delayed_set_stat_head = data->next;

+      xheader_xattr_free (data->xattr_map, data->xattr_map_size);

+      free (data->cntx_name);

+      free (data->acls_a_ptr);

+      free (data->acls_d_ptr);

       free (data);

     }

 }

@@ -854,6 +944,7 @@ extract_dir (char *file_name, int typeflag)

 static int

 open_output_file (char const *file_name, int typeflag, mode_t mode,

+                  int file_created,

 		  mode_t *current_mode, mode_t *current_mode_mask)

 {

   int fd;

@@ -864,6 +955,10 @@ open_output_file (char const *file_name, int typeflag, mode_t mode,

 		     ? O_TRUNC | (dereference_option ? 0 : O_NOFOLLOW)

 		     : O_EXCL));

+  /* File might be created in set_xattr. So clear O_EXCL to avoid open() failure */

+  if (file_created)

+    openflag = openflag & ~O_EXCL;

+

   if (typeflag == CONTTYPE)

     {

       static int conttype_diagnosed;

@@ -934,6 +1029,7 @@ extract_file (char *file_name, int typeflag)

   bool interdir_made = false;

   mode_t mode = (current_stat_info.stat.st_mode & MODE_RWX

 		 & ~ (0 < same_owner_option ? S_IRWXG | S_IRWXO : 0));

+  mode_t invert_permissions = 0 < same_owner_option ? mode & (S_IRWXG | S_IRWXO) : 0;

   mode_t current_mode = 0;

   mode_t current_mode_mask = 0;

@@ -950,7 +1046,17 @@ extract_file (char *file_name, int typeflag)

     }

   else

     {

+      int file_created = 0;

+      if (set_xattr (file_name, &current_stat_info, invert_permissions,

+		     typeflag, &file_created))

+        {

+          skip_member ();

+          open_error (file_name);

+          return 1;

+        }

+

       while ((fd = open_output_file (file_name, typeflag, mode,

+                                     file_created,

 				     &current_mode, &current_mode_mask))

 	     < 0)

 	{

@@ -1091,6 +1197,13 @@ create_placeholder_file (char *file_name, bool is_symlink, bool *interdir_made)

 			    + strlen (file_name) + 1);

       p->sources->next = 0;

       strcpy (p->sources->string, file_name);

+      p->cntx_name = NULL;

+      assign_string (&p->cntx_name, current_stat_info.cntx_name);

+      p->acls_a_ptr = NULL;

+      p->acls_a_len = 0;

+      p->acls_d_ptr = NULL;

+      p->acls_d_len = 0;

+      xheader_xattr_copy (&current_stat_info, &p->xattr_map, &p->xattr_map_size);

       strcpy (p->target, current_stat_info.link_name);

       h = delayed_set_stat_head;

@@ -1525,6 +1638,13 @@ apply_delayed_links (void)

 		  st1.stat.st_gid = ds->gid;

 		  st1.atime = ds->atime;

 		  st1.mtime = ds->mtime;

+                  st1.cntx_name = ds->cntx_name;

+                  st1.acls_a_ptr = ds->acls_a_ptr;

+                  st1.acls_a_len = ds->acls_a_len;

+                  st1.acls_d_ptr = ds->acls_d_ptr;

+                  st1.acls_d_len = ds->acls_d_len;

+                  st1.xattr_map = ds->xattr_map;

+                  st1.xattr_map_size = ds->xattr_map_size;

 		  set_stat (source, &st1, -1, 0, 0, SYMTYPE,

 			    false, AT_SYMLINK_NOFOLLOW);

 		  valid_source = source;

@@ -1539,6 +1659,9 @@ apply_delayed_links (void)

 	  sources = next;

 	}

+   xheader_xattr_free (ds->xattr_map, ds->xattr_map_size);

+   free (ds->cntx_name);

+

       {

 	struct delayed_link *next = ds->next;

 	free (ds);

diff -urNp tar-1.24-orig/src/list.c tar-1.24/src/list.c

--- tar-1.24-orig/src/list.c	2010-10-25 09:15:14.216463863 +0200

+++ tar-1.24/src/list.c	2010-10-25 10:24:52.563213968 +0200

@@ -615,6 +615,13 @@ decode_header (union block *header, struct tar_stat_info *stat_info,

   assign_string (&stat_info->gname,

 		 header->header.gname[0] ? header->header.gname : NULL);

+  stat_info->acls_a_ptr = NULL;

+  stat_info->acls_a_len = 0;

+  stat_info->acls_d_ptr = NULL;

+  stat_info->acls_d_len = 0;

+  stat_info->cntx_name = NULL;

+  xheader_xattr_init(stat_info);

+

   if (format == OLDGNU_FORMAT && incremental_option)

     {

       stat_info->atime.tv_sec = TIME_FROM_HEADER (header->oldgnu_header.atime);

diff -urNp tar-1.24-orig/src/Makefile.am tar-1.24/src/Makefile.am

--- tar-1.24-orig/src/Makefile.am	2010-10-24 20:07:54.000000000 +0200

+++ tar-1.24/src/Makefile.am	2010-10-25 10:24:52.564214456 +0200

@@ -20,7 +20,7 @@

 bin_PROGRAMS = tar

-noinst_HEADERS = arith.h common.h tar.h

+noinst_HEADERS = arith.h common.h tar.h xattrs.h

 tar_SOURCES = \

  buffer.c\

  checkpoint.c\

@@ -42,10 +42,11 @@ tar_SOURCES = \

  unlink.c\

  update.c\

  utf8.c\

- warning.c

+ warning.c\

+ xattrs.c

 INCLUDES = -I$(top_srcdir)/gnu -I../ -I../gnu -I$(top_srcdir)/lib -I../lib

 LDADD = ../lib/libtar.a ../gnu/libgnu.a $(LIBINTL) $(LIBICONV)

-tar_LDADD = $(LDADD) $(LIB_CLOCK_GETTIME) $(LIB_EACCESS)

+tar_LDADD = $(LIBS) $(LDADD) $(LIB_CLOCK_GETTIME) $(LIB_EACCESS)

diff -urNp tar-1.24-orig/src/tar.c tar-1.24/src/tar.c

--- tar-1.24-orig/src/tar.c	2010-10-24 20:07:55.000000000 +0200

+++ tar-1.24/src/tar.c	2010-10-25 10:24:52.565223676 +0200

@@ -255,7 +255,8 @@ tar_set_quoting_style (char *arg)

 enum

 {

-  ANCHORED_OPTION = CHAR_MAX + 1,

+  ACLS_OPTION = CHAR_MAX + 1,

+  ANCHORED_OPTION,

   ATIME_PRESERVE_OPTION,

   BACKUP_OPTION,

   CHECK_DEVICE_OPTION,

@@ -288,6 +289,7 @@ enum

   MODE_OPTION,

   MTIME_OPTION,

   NEWER_MTIME_OPTION,

+  NO_ACLS_OPTION,

   NO_ANCHORED_OPTION,

   NO_AUTO_COMPRESS_OPTION,

   NO_CHECK_DEVICE_OPTION,

@@ -301,9 +303,11 @@ enum

   NO_SAME_OWNER_OPTION,

   NO_SAME_PERMISSIONS_OPTION,

   NO_SEEK_OPTION,

+  NO_SELINUX_CONTEXT_OPTION,

   NO_UNQUOTE_OPTION,

   NO_WILDCARDS_MATCH_SLASH_OPTION,

   NO_WILDCARDS_OPTION,

+  NO_XATTR_OPTION,

   NULL_OPTION,

   NUMERIC_OWNER_OPTION,

   OCCURRENCE_OPTION,

@@ -325,6 +329,7 @@ enum

   RMT_COMMAND_OPTION,

   RSH_COMMAND_OPTION,

   SAME_OWNER_OPTION,

+  SELINUX_CONTEXT_OPTION,

   SHOW_DEFAULTS_OPTION,

   SHOW_OMITTED_DIRS_OPTION,

   SHOW_TRANSFORMED_NAMES_OPTION,

@@ -340,7 +345,8 @@ enum

   VOLNO_FILE_OPTION,

   WARNING_OPTION,

   WILDCARDS_MATCH_SLASH_OPTION,

-  WILDCARDS_OPTION

+  WILDCARDS_OPTION,

+  XATTR_OPTION

 };

 const char *argp_program_version = "tar (" PACKAGE_NAME ") " VERSION;

@@ -486,6 +492,10 @@ static struct argp_option options[] = {

   {NULL, 0, NULL, 0,

    N_("Handling of file attributes:"), GRID },

+  {"acls", ACLS_OPTION, 0, 0,

+   N_("Save the ACLs to the archive"), GRID+1 },

+  {"no-acls", NO_ACLS_OPTION, 0, 0,

+   N_("Don't extract the ACLs from the archive"), GRID+1 },

   {"owner", OWNER_OPTION, N_("NAME"), 0,

    N_("force NAME as owner for added files"), GRID+1 },

   {"group", GROUP_OPTION, N_("NAME"), 0,

@@ -516,6 +526,14 @@ static struct argp_option options[] = {

   {"preserve-order", 's', 0, 0,

    N_("sort names to extract to match archive"), GRID+1 },

   {"same-order", 0, 0, OPTION_ALIAS, NULL, GRID+1 },

+  {"selinux", SELINUX_CONTEXT_OPTION, 0, 0,

+   N_("Save the SELinux context to the archive"), GRID+1 },

+  {"no-selinux", NO_SELINUX_CONTEXT_OPTION, 0, 0,

+   N_("Don't extract the SELinux context from the archive"), GRID+1 },

+  {"xattrs", XATTR_OPTION, 0, 0,

+   N_("Save the user/root xattrs to the archive"), GRID+1 },

+  {"no-xattrs", NO_XATTR_OPTION, 0, 0,

+   N_("Don't extract the user/root xattrs from the archive"), GRID+1 },

   {"preserve", PRESERVE_OPTION, 0, 0,

    N_("same as both -p and -s"), GRID+1 },

   {"delay-directory-restore", DELAY_DIRECTORY_RESTORE_OPTION, 0, 0,

@@ -2079,6 +2097,37 @@ parse_opt (int key, char *arg, struct ar

       same_permissions_option = -1;

       break;

+    case ACLS_OPTION:

+      set_archive_format ("posix");

+      acls_option = 1;

+      break;

+

+    case NO_ACLS_OPTION:

+      acls_option = -1;

+      break;

+

+    case SELINUX_CONTEXT_OPTION:

+      set_archive_format ("posix");

+      selinux_context_option = 1;

+      break;

+

+    case NO_SELINUX_CONTEXT_OPTION:

+      selinux_context_option = -1;

+      break;

+

+    case XATTR_OPTION:

+      set_archive_format ("posix");

+      if (!acls_option) acls_option = 1;

+      if (!selinux_context_option) selinux_context_option = 1;

+      xattrs_option = 1;

+      break;

+

+    case NO_XATTR_OPTION:

+      if (!acls_option) acls_option = -1;

+      if (!selinux_context_option) selinux_context_option = -1;

+      xattrs_option = -1;

+      break;

+

     case RECURSION_OPTION:

       recursion_option = FNM_LEADING_DIR;

       break;

@@ -2461,6 +2510,29 @@ decode_options (int argc, char **argv)

 	  || subcommand_option != LIST_SUBCOMMAND))

     USAGE_ERROR ((0, 0, _("--pax-option can be used only on POSIX archives")));

+  /* star create's non-POSIX typed archives with xattr support, so allow the

+     extra headers */

+  if ((acls_option > 0)

+      && archive_format != POSIX_FORMAT

+      && (subcommand_option != EXTRACT_SUBCOMMAND

+	  || subcommand_option != DIFF_SUBCOMMAND

+	  || subcommand_option != LIST_SUBCOMMAND))

+    USAGE_ERROR ((0, 0, _("--acls can be used only on POSIX archives")));

+

+  if ((selinux_context_option > 0)

+      && archive_format != POSIX_FORMAT

+      && (subcommand_option != EXTRACT_SUBCOMMAND

+	  || subcommand_option != DIFF_SUBCOMMAND

+	  || subcommand_option != LIST_SUBCOMMAND))

+    USAGE_ERROR ((0, 0, _("--selinux can be used only on POSIX archives")));

+

+  if ((xattrs_option > 0)

+      && archive_format != POSIX_FORMAT

+      && (subcommand_option != EXTRACT_SUBCOMMAND

+	  || subcommand_option != DIFF_SUBCOMMAND

+	  || subcommand_option != LIST_SUBCOMMAND))