* doc/tar.texi (Extended File Attributes): The default extraction
pattern consists of just 'user.*' namespace only. While on it, try
to explain the reasons for this default behavior.
---
doc/tar.texi | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/doc/tar.texi b/doc/tar.texi
index 389a3448..e03ce3d4 100644
--- a/doc/tar.texi
+++ b/doc/tar.texi
@@ -5647,9 +5647,14 @@ Disable extended attributes support. This is the
default.
Attribute names are strings prefixed by a @dfn{namespace} name and a dot.
Currently, four namespaces exist: @samp{user}, @samp{trusted},
@samp{security} and @samp{system}. By default, when @option{--xattr}
-is used, all names are stored in the archive (or extracted, if using
-@option{--extract}). This can be controlled using the following
-options:
+is used, all names are stored in the archive (with @option{--create}),
+but only @samp{user} namespace is extracted (if using @option{--extract}).
+The reason for this behavior is that any other, system defined attributes
+don't provide us sufficient compatibility promise. Storing all attributes
+is safe operation for the archiving purposes. Though extracting those
+(often security related) attributes on a different system than originally
+archived can lead to extraction failures, or even misinterpretations.
+This behavior can be controlled using the following options:
@table @option
@item --xattrs-exclude=@var{pattern}
@@ -5659,6 +5664,10 @@ Specify exclude pattern for extended attributes.
Specify include pattern for extended attributes.
@end table
+Users shall manually check the attributes are binary compatible with the
+target system first, before any other namespace is extracted with an
+explicit @option{--xattr-include} option.
+
Here, the @var{pattern} is a globbing pattern. For example, the
following command:
--
2.33.1
