diff --git a/distro-build/fedora.sh b/distro-build/fedora.sh
index b976ab97d..8b27f6b95 100644
--- a/distro-build/fedora.sh
+++ b/distro-build/fedora.sh
@@ -9,31 +9,32 @@ bootstrap_distribution() {
 			--output "${WORKDIR}/fedora-${dist_version}-${arch}.tar.xz" \
 			"https://mirror.de.leaseweb.net/fedora/linux/releases/${dist_version:0:2}/Container/${arch}/images/Fedora-Container-Base-${dist_version}.${arch}.tar.xz"
 
-		mkdir "${WORKDIR}/fedora-$(translate_arch "$arch")"
+		sudo rm -rf "${WORKDIR}/fedora-tmp" "${WORKDIR}/fedora-$(translate_arch "$arch")"
+		mkdir "${WORKDIR}/fedora-tmp"
+		sudo mkdir -m 755 "${WORKDIR}/fedora-$(translate_arch "$arch")"
 		sudo tar -Jx --strip-components=1 \
 			-f "${WORKDIR}/fedora-${dist_version}-${arch}.tar.xz" \
+			-C "${WORKDIR}/fedora-tmp"
+		sudo tar -xp --acls --xattrs --xattrs-include='*' \
+			-f "${WORKDIR}/fedora-tmp"/layer.tar \
 			-C "${WORKDIR}/fedora-$(translate_arch "$arch")"
-		sudo mkdir -m 755 "${WORKDIR}/fedora-$(translate_arch "$arch")/fedora-$(translate_arch "$arch")"
-		sudo tar -xpf "${WORKDIR}/fedora-$(translate_arch "$arch")"/layer.tar \
-			-C "${WORKDIR}/fedora-$(translate_arch "$arch")/fedora-$(translate_arch "$arch")"
+		sudo rm -rf "${WORKDIR}/fedora-tmp"
 
 		cat <<- EOF | sudo unshare -mpf bash -e -
-		rm -f "${WORKDIR}/fedora-$(translate_arch "$arch")/fedora-$(translate_arch "$arch")/etc/resolv.conf"
-		echo "nameserver 1.1.1.1" > "${WORKDIR}/fedora-$(translate_arch "$arch")/fedora-$(translate_arch "$arch")/etc/resolv.conf"
-		echo "excludepkgs=*selinux*" >> "${WORKDIR}/fedora-$(translate_arch "$arch")/fedora-$(translate_arch "$arch")/etc/dnf/dnf.conf"
-		mount --bind /dev "${WORKDIR}/fedora-$(translate_arch "$arch")/fedora-$(translate_arch "$arch")/dev"
-		mount --bind /proc "${WORKDIR}/fedora-$(translate_arch "$arch")/fedora-$(translate_arch "$arch")/proc"
-		mount --bind /sys "${WORKDIR}/fedora-$(translate_arch "$arch")/fedora-$(translate_arch "$arch")/sys"
-		chroot "${WORKDIR}/fedora-$(translate_arch "$arch")/fedora-$(translate_arch "$arch")" yum upgrade -y
-		chroot "${WORKDIR}/fedora-$(translate_arch "$arch")/fedora-$(translate_arch "$arch")" yum install -y passwd util-linux
-		chroot "${WORKDIR}/fedora-$(translate_arch "$arch")/fedora-$(translate_arch "$arch")" yum clean all
-		chmod 4755 "${WORKDIR}/fedora-$(translate_arch "$arch")/fedora-$(translate_arch "$arch")"/usr/bin/sudo
+		rm -f "${WORKDIR}/fedora-$(translate_arch "$arch")/etc/resolv.conf"
+		echo "nameserver 1.1.1.1" > "${WORKDIR}/fedora-$(translate_arch "$arch")/etc/resolv.conf"
+		echo "excludepkgs=*selinux*" >> "${WORKDIR}/fedora-$(translate_arch "$arch")/etc/dnf/dnf.conf"
+		mount --bind /dev "${WORKDIR}/fedora-$(translate_arch "$arch")/dev"
+		mount --bind /proc "${WORKDIR}/fedora-$(translate_arch "$arch")/proc"
+		mount --bind /sys "${WORKDIR}/fedora-$(translate_arch "$arch")/sys"
+		chroot "${WORKDIR}/fedora-$(translate_arch "$arch")" yum upgrade -y
+		chroot "${WORKDIR}/fedora-$(translate_arch "$arch")" yum install -y passwd util-linux
+		chroot "${WORKDIR}/fedora-$(translate_arch "$arch")" yum clean all
+		chmod 4755 "${WORKDIR}/fedora-$(translate_arch "$arch")"/usr/bin/sudo
 		EOF
 
-		sudo tar -Jcf "${ROOTFS_DIR}/fedora-$(translate_arch "$arch")-pd-${CURRENT_VERSION}.tar.xz" \
-			-C "${WORKDIR}/fedora-$(translate_arch "$arch")" \
+		archive_rootfs "${ROOTFS_DIR}/fedora-$(translate_arch "$arch")-pd-${CURRENT_VERSION}.tar.xz" \
 			"fedora-$(translate_arch "$arch")"
-		sudo chown $(id -un):$(id -gn) "${ROOTFS_DIR}/fedora-$(translate_arch "$arch")-pd-${CURRENT_VERSION}.tar.xz"
 	done
 	unset arch
 }
diff --git a/distro-build/opensuse.sh b/distro-build/opensuse.sh
index f6e6a2556..82e66083b 100644
--- a/distro-build/opensuse.sh
+++ b/distro-build/opensuse.sh
@@ -26,28 +26,28 @@ bootstrap_distribution() {
 		docker save --output "${WORKDIR}/opensuse-image-dump-${arch}.tar" \
 			"opensuse/tumbleweed@${digest}"
 
-		mkdir "${WORKDIR}/opensuse-$(translate_arch "$arch")"
+		sudo rm -rf "${WORKDIR}/opensuse-tmp" "${WORKDIR}/opensuse-$(translate_arch "$arch")"
+		mkdir "${WORKDIR}/opensuse-tmp"
+		sudo mkdir -m 755 "${WORKDIR}/opensuse-$(translate_arch "$arch")"
 		sudo tar -x --strip-components=1 \
 			-f "${WORKDIR}/opensuse-image-dump-${arch}.tar" \
+			-C "${WORKDIR}/opensuse-tmp"
+		sudo tar -xpf "${WORKDIR}/opensuse-tmp"/layer.tar \
 			-C "${WORKDIR}/opensuse-$(translate_arch "$arch")"
-		sudo mkdir -m 755 "${WORKDIR}/opensuse-$(translate_arch "$arch")/opensuse-$(translate_arch "$arch")"
-		sudo tar -xpf "${WORKDIR}/opensuse-$(translate_arch "$arch")"/layer.tar \
-			-C "${WORKDIR}/opensuse-$(translate_arch "$arch")/opensuse-$(translate_arch "$arch")"
+		sudo rm -rf "${WORKDIR}/opensuse-tmp"
 
 		cat <<- EOF | sudo unshare -mpf bash -e -
-		rm -f "${WORKDIR}/opensuse-$(translate_arch "$arch")/opensuse-$(translate_arch "$arch")/etc/resolv.conf"
-		echo "nameserver 1.1.1.1" > "${WORKDIR}/opensuse-$(translate_arch "$arch")/opensuse-$(translate_arch "$arch")/etc/resolv.conf"
-		mount --bind /dev "${WORKDIR}/opensuse-$(translate_arch "$arch")/opensuse-$(translate_arch "$arch")/dev"
-		mount --bind /proc "${WORKDIR}/opensuse-$(translate_arch "$arch")/opensuse-$(translate_arch "$arch")/proc"
-		mount --bind /sys "${WORKDIR}/opensuse-$(translate_arch "$arch")/opensuse-$(translate_arch "$arch")/sys"
-		chroot "${WORKDIR}/opensuse-$(translate_arch "$arch")/opensuse-$(translate_arch "$arch")" zypper dup || true
-		chroot "${WORKDIR}/opensuse-$(translate_arch "$arch")/opensuse-$(translate_arch "$arch")" zypper install --no-confirm util-linux || true
+		rm -f "${WORKDIR}/opensuse-$(translate_arch "$arch")/etc/resolv.conf"
+		echo "nameserver 1.1.1.1" > "${WORKDIR}/opensuse-$(translate_arch "$arch")/etc/resolv.conf"
+		mount --bind /dev "${WORKDIR}/opensuse-$(translate_arch "$arch")/dev"
+		mount --bind /proc "${WORKDIR}/opensuse-$(translate_arch "$arch")/proc"
+		mount --bind /sys "${WORKDIR}/opensuse-$(translate_arch "$arch")/sys"
+		chroot "${WORKDIR}/opensuse-$(translate_arch "$arch")" zypper dup || true
+		chroot "${WORKDIR}/opensuse-$(translate_arch "$arch")" zypper install --no-confirm util-linux || true
 		EOF
 
-		sudo tar -Jcf "${ROOTFS_DIR}/opensuse-$(translate_arch "$arch")-pd-${CURRENT_VERSION}.tar.xz" \
-			-C "${WORKDIR}/opensuse-$(translate_arch "$arch")" \
+		archive_rootfs "${ROOTFS_DIR}/opensuse-$(translate_arch "$arch")-pd-${CURRENT_VERSION}.tar.xz" \
 			"opensuse-$(translate_arch "$arch")"
-		sudo chown $(id -un):$(id -gn) "${ROOTFS_DIR}/opensuse-$(translate_arch "$arch")-pd-${CURRENT_VERSION}.tar.xz"
 	done
 	unset opensuse_manifest
 }