feat: add file-backed symlink support for tar extraction #306
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add platform-specific symlink handling during tar extraction to support stat virtualization for symlinks: - Linux: Create file-backed symlinks (regular files with symlink target as content) to work around xattr limitations on symlinks. The S_IFLNK file type is preserved in the override_stat xattr. - macOS: Extract symlinks normally and set xattrs using XATTR_NOFOLLOW flag to store override stats directly on symlinks. This enables proper uid:gid:mode virtualization for symlinks in container filesystems, matching the implementation in libkrun's filesystem layer.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR implements platform-specific symlink handling during tar extraction to support stat virtualization on symlinks, matching the recent file-backed symlink implementation in libkrun.
Changes
Linux: Creates file-backed symlinks instead of regular symlinks
user.containers.override_statxattrmacOS: Continues using regular symlinks with enhanced xattr support
XATTR_NOFOLLOWflag to set xattrs directly on symlinksContext
This change is required to support the new file-backed symlink representation in libkrun's filesystem implementations (overlayfs and passthrough). Without this, we cannot properly virtualize uid/gid/mode for symlinks in container filesystems on Linux.
Testing
Related