Implement xattr-backed unprivileged operation

[erikh]

Right now, if you want to unpack tar files, you need to do it with full permissions support.

If we used xattrs or a naming scheme or a resource dir, we can store the permissions data in a way that could be restored after say a runc execution as a user.

This leaves some unanswered questions regarding user namespaces and rootless containers, but OS X could benefit greatly from this feature.

[unclejack]

The current code doesn't handle xattrs. The only exception is the whiteout conversion. The whiteout conversion filter converts whiteouts to the overlay format.

It'd be a good idea to have an interface for handling xattrs. This would make it possible to have a default handler which writes them to the files and reads them. The alternative implementations would be responsible for storing/reading.

What do you think?