From d0ccbb7c09eaf7cf38346f5910229d24982742c7 Mon Sep 17 00:00:00 2001
From: Ross Younger <crazyscot@gmail.com>
Date: Wed, 19 May 2021 16:01:42 +1200
Subject: [PATCH] abuild: filter out security.selinux xattrs

This patch modifies abuild's behaviour to be independent of
whether SELinux labels are present in the build environment.

This is a workaround for containerised build environments where the
hosting environment has SELinux enabled. Security labels leak into the
container, manifesting as xattrs.

Discussion thread:
https://lists.alpinelinux.org/~alpine/devel/%3CCA%2Bgy4ieuXLuQddxmPuiucyZbut%3D14cR8tgmGrh0qE9qLDBivmg%40mail.gmail.com%3E
---
 abuild.in | 1 +
 1 file changed, 1 insertion(+)

diff --git a/abuild.in b/abuild.in
index 0589e63..76cd77b 100644
--- a/abuild.in
+++ b/abuild.in
@@ -1717,6 +1717,7 @@ create_apks() {
 
 		# explicitly sort package content
 		find "$@" -print0 | LC_ALL=C sort -z | tar --xattrs \
+			--xattrs-exclude=security.selinux \
 			--format=posix \
 			--pax-option=exthdr.name=%d/PaxHeaders/%f,atime:=0,ctime:=0 \
 			--mtime="@${SOURCE_DATE_EPOCH}" \