DRAFT: bug(qemu runner): use gnutar for xattr+acl support

[stevebeattie]

Unlike the other runners which use a shared directory between the runner and the host OS, the qemu runner tars up the built artifacts in the vm and then untars them (through go's tar implementation) in the host environment, using busybox's tar.

There were two problems with this:

• --preserve-permissions (aka -p) was not being passed, so non-default permissions like setgid/setuid were not being captured in the tarball
• busybox tar reads PAX format tarfiles but does not generate them, so has no mechanism for including them in generated tarballs.

To fix this, convert to using gnutar by always including it in the environment when using the qemu runner, and secondly, pass the -p, --xattrs, and --acls arguments to tar so they are captured in the generated tarball.

This only partially addresses the issue, for two reasons:

1. melange is not setting xattrs when extracting from the tarball
2. in order for setuid root permissions and security xattrs (for fscaps) to be created in the host environment's file system, root (or more correctly, CAP_DAC_OVERRIDE, CAP_FOWNER, and CAP_SYSADMIN for setuid, acls, and fscap xatrrs respectively).

Fixes-partially: https://github.com/chainguard-dev/melange/issues/1731

[stevebeattie]

Also, this really needs some end2end test cases added.