diff --git a/pkg/api/core/image/create_test.go b/pkg/api/core/image/create_test.go
index 5aea7a50..eb1ac999 100644
--- a/pkg/api/core/image/create_test.go
+++ b/pkg/api/core/image/create_test.go
@@ -47,7 +47,7 @@ var _ = Describe("Create", func() {
 			img, err := b.ImageReference("alpine", false)
 			Expect(err).ToNot(HaveOccurred())
 
-			_, dir, err := Extract(ctx, img, false, nil)
+			_, dir, err := Extract(ctx, img, nil)
 			Expect(err).ToNot(HaveOccurred())
 
 			defer os.RemoveAll(dir)
@@ -69,7 +69,7 @@ var _ = Describe("Create", func() {
 			img, err = b.ImageReference("testimage", false)
 			Expect(err).ToNot(HaveOccurred())
 
-			_, dir, err = Extract(ctx, img, false, nil)
+			_, dir, err = Extract(ctx, img, nil)
 			Expect(err).ToNot(HaveOccurred())
 
 			defer os.RemoveAll(dir)
diff --git a/pkg/api/core/image/delta_test.go b/pkg/api/core/image/delta_test.go
index e5127df9..922eea42 100644
--- a/pkg/api/core/image/delta_test.go
+++ b/pkg/api/core/image/delta_test.go
@@ -74,7 +74,6 @@ var _ = Describe("Delta", func() {
 				_, tmpdir, err := Extract(
 					ctx,
 					img2,
-					true,
 					f,
 				)
 				Expect(err).ToNot(HaveOccurred())
@@ -94,7 +93,6 @@ var _ = Describe("Delta", func() {
 				_, tmpdir, err := Extract(
 					ctx,
 					img2,
-					true,
 					f,
 				)
 				Expect(err).ToNot(HaveOccurred())
@@ -109,7 +107,6 @@ var _ = Describe("Delta", func() {
 				_, tmpdir, err := Extract(
 					ctx,
 					img2,
-					true,
 					f,
 				)
 				Expect(err).ToNot(HaveOccurred())
@@ -124,7 +121,6 @@ var _ = Describe("Delta", func() {
 				_, tmpdir, err := Extract(
 					ctx,
 					img2,
-					true,
 					f,
 				)
 				Expect(err).ToNot(HaveOccurred())
diff --git a/pkg/api/core/image/extract.go b/pkg/api/core/image/extract.go
index 8234f404..4c5f9478 100644
--- a/pkg/api/core/image/extract.go
+++ b/pkg/api/core/image/extract.go
@@ -19,14 +19,11 @@ import (
 	"archive/tar"
 	"context"
 	"io"
-	"io/fs"
 	"os"
 	"path/filepath"
 	"strings"
-	"syscall"
 
 	containerdarchive "github.com/containerd/containerd/archive"
-	"github.com/docker/docker/pkg/system"
 	v1 "github.com/google/go-containerregistry/pkg/v1"
 	"github.com/google/go-containerregistry/pkg/v1/mutate"
 	"github.com/mudler/luet/pkg/api/core/types"
@@ -196,7 +193,7 @@ func ExtractFiles(
 // ExtractReader perform the extracting action over the io.ReadCloser
 // it extracts the files over output. Accepts a filter as an option
 // and additional containerd Options
-func ExtractReader(ctx *types.Context, reader io.ReadCloser, output string, keepPerms bool, filter func(h *tar.Header) (bool, error), opts ...containerdarchive.ApplyOpt) (int64, string, error) {
+func ExtractReader(ctx *types.Context, reader io.ReadCloser, output string, filter func(h *tar.Header) (bool, error), opts ...containerdarchive.ApplyOpt) (int64, string, error) {
 	defer reader.Close()
 
 	// If no filter is specified, grab all.
@@ -204,36 +201,7 @@ func ExtractReader(ctx *types.Context, reader io.ReadCloser, output string, keep
 		filter = func(h *tar.Header) (bool, error) { return true, nil }
 	}
 
-	// Keep records of permissions as we walk the tar
-	type permData struct {
-		PAX, Xattrs map[string]string
-		Uid, Gid    int
-		Name        string
-		FileMode    fs.FileMode
-	}
-
-	permstore, err := ctx.Config.System.TempDir("permstore")
-	if err != nil {
-		return 0, "", err
-	}
-	perms := NewCache(permstore, 50*1024*1024, 10000)
-
-	f := func(h *tar.Header) (bool, error) {
-		res, err := filter(h)
-		if res {
-			perms.SetValue(h.Name, permData{
-				PAX: h.PAXRecords,
-				Uid: h.Uid, Gid: h.Gid,
-				Xattrs:   h.Xattrs,
-				Name:     h.Name,
-				FileMode: h.FileInfo().Mode(),
-			})
-			//perms = append(perms, })
-		}
-		return res, err
-	}
-
-	opts = append(opts, containerdarchive.WithFilter(f))
+	opts = append(opts, containerdarchive.WithFilter(filter))
 
 	// Handle the extraction
 	c, err := containerdarchive.Apply(context.Background(), output, reader, opts...)
@@ -241,46 +209,19 @@ func ExtractReader(ctx *types.Context, reader io.ReadCloser, output string, keep
 		return 0, "", err
 	}
 
-	// Reconstruct permissions
-	if keepPerms {
-		ctx.Debug("Reconstructing permissions")
-		perms.All(func(cr CacheResult) {
-			p := &permData{}
-			cr.Unmarshal(p)
-			ff := filepath.Join(output, p.Name)
-			if _, err := os.Lstat(ff); err == nil {
-				if err := os.Lchown(ff, p.Uid, p.Gid); err != nil {
-					ctx.Warning(err, "failed chowning file")
-				}
-				ctx.Debug("Set", p.Name, p.FileMode)
-				if err := os.Chmod(ff, p.FileMode); err != nil {
-					ctx.Warning(err, "failed chmod file")
-				}
-			}
-			for _, attrs := range []map[string]string{p.Xattrs, p.PAX} {
-				for k, attr := range attrs {
-					if err := system.Lsetxattr(ff, k, []byte(attr), 0); err != nil {
-						if errors.Is(err, syscall.ENOTSUP) {
-							ctx.Debug("ignored xattr %s in archive", ff)
-						}
-					}
-				}
-			}
-		})
-	}
 	return c, output, nil
 }
 
 // Extract is just syntax sugar around ExtractReader. It extracts an image into a dir
-func Extract(ctx *types.Context, img v1.Image, keepPerms bool, filter func(h *tar.Header) (bool, error), opts ...containerdarchive.ApplyOpt) (int64, string, error) {
+func Extract(ctx *types.Context, img v1.Image, filter func(h *tar.Header) (bool, error), opts ...containerdarchive.ApplyOpt) (int64, string, error) {
 	tmpdiffs, err := ctx.Config.GetSystem().TempDir("extraction")
 	if err != nil {
 		return 0, "", errors.Wrap(err, "Error met while creating tempdir for rootfs")
 	}
-	return ExtractReader(ctx, mutate.Extract(img), tmpdiffs, keepPerms, filter, opts...)
+	return ExtractReader(ctx, mutate.Extract(img), tmpdiffs, filter, opts...)
 }
 
 // ExtractTo is just syntax sugar around ExtractReader
-func ExtractTo(ctx *types.Context, img v1.Image, output string, keepPerms bool, filter func(h *tar.Header) (bool, error), opts ...containerdarchive.ApplyOpt) (int64, string, error) {
-	return ExtractReader(ctx, mutate.Extract(img), output, keepPerms, filter, opts...)
+func ExtractTo(ctx *types.Context, img v1.Image, output string, filter func(h *tar.Header) (bool, error), opts ...containerdarchive.ApplyOpt) (int64, string, error) {
+	return ExtractReader(ctx, mutate.Extract(img), output, filter, opts...)
 }
diff --git a/pkg/api/core/image/extract_test.go b/pkg/api/core/image/extract_test.go
index f5427b80..4a4ebaec 100644
--- a/pkg/api/core/image/extract_test.go
+++ b/pkg/api/core/image/extract_test.go
@@ -58,7 +58,6 @@ var _ = Describe("Extract", func() {
 				_, tmpdir, err := Extract(
 					ctx,
 					img,
-					true,
 					ExtractFiles(ctx, "", []string{}, []string{}),
 				)
 				Expect(err).ToNot(HaveOccurred())
@@ -72,7 +71,6 @@ var _ = Describe("Extract", func() {
 				_, tmpdir, err := Extract(
 					ctx,
 					img,
-					true,
 					ExtractFiles(ctx, "/usr", []string{}, []string{}),
 				)
 				Expect(err).ToNot(HaveOccurred())
@@ -86,7 +84,6 @@ var _ = Describe("Extract", func() {
 				_, tmpdir, err := Extract(
 					ctx,
 					img,
-					true,
 					ExtractFiles(ctx, "/usr", []string{"bin"}, []string{"sbin"}),
 				)
 				Expect(err).ToNot(HaveOccurred())
@@ -101,7 +98,6 @@ var _ = Describe("Extract", func() {
 				_, tmpdir, err := Extract(
 					ctx,
 					img,
-					true,
 					ExtractFiles(ctx, "", []string{"/usr|/usr/bin"}, []string{"^/bin"}),
 				)
 				Expect(err).ToNot(HaveOccurred())
diff --git a/pkg/api/core/types/artifact/artifact.go b/pkg/api/core/types/artifact/artifact.go
index f6d99f57..142094a8 100644
--- a/pkg/api/core/types/artifact/artifact.go
+++ b/pkg/api/core/types/artifact/artifact.go
@@ -70,8 +70,8 @@ type PackageArtifact struct {
 	Runtime           *pkg.DefaultPackage               `json:"runtime,omitempty"`
 }
 
-func ImageToArtifact(ctx *types.Context, img v1.Image, t compression.Implementation, output string, keepPerms bool, filter func(h *tar.Header) (bool, error)) (*PackageArtifact, error) {
-	_, tmpdiffs, err := image.Extract(ctx, img, keepPerms, filter)
+func ImageToArtifact(ctx *types.Context, img v1.Image, t compression.Implementation, output string, filter func(h *tar.Header) (bool, error)) (*PackageArtifact, error) {
+	_, tmpdiffs, err := image.Extract(ctx, img, filter)
 	if err != nil {
 		return nil, errors.Wrap(err, "Error met while creating tempdir for rootfs")
 	}
@@ -570,7 +570,7 @@ func (a *PackageArtifact) Unpack(ctx *types.Context, dst string, keepPerms bool)
 	// 	//	tarModifier.Modifier()
 	// 	return true, nil
 	// },
-	_, _, err = image.ExtractReader(ctx, replacerArchive, dst, ctx.Config.GetGeneral().SameOwner, nil)
+	_, _, err = image.ExtractReader(ctx, replacerArchive, dst, nil)
 	return err
 }
 
diff --git a/pkg/api/core/types/artifact/artifact_test.go b/pkg/api/core/types/artifact/artifact_test.go
index 9a04b4af..2aa0e87f 100644
--- a/pkg/api/core/types/artifact/artifact_test.go
+++ b/pkg/api/core/types/artifact/artifact_test.go
@@ -161,7 +161,6 @@ RUN echo bar > /test2`))
 				ctx,
 				img,
 				result,
-				false,
 				nil,
 			)
 			Expect(err).ToNot(HaveOccurred())
@@ -210,7 +209,6 @@ RUN echo bar > /test2`))
 				ctx,
 				img,
 				result,
-				false,
 				nil,
 			)
 			Expect(err).ToNot(HaveOccurred())
diff --git a/pkg/compiler/compiler.go b/pkg/compiler/compiler.go
index 15bdb055..4096adaa 100644
--- a/pkg/compiler/compiler.go
+++ b/pkg/compiler/compiler.go
@@ -255,7 +255,6 @@ func (cs *LuetCompiler) unpackFs(concurrency int, keepPermissions bool, p *compi
 	_, rootfs, err := image.Extract(
 		cs.Options.Context,
 		img,
-		keepPermissions,
 		image.ExtractFiles(
 			cs.Options.Context,
 			p.GetPackageDir(),
@@ -338,7 +337,6 @@ func (cs *LuetCompiler) unpackDelta(concurrency int, keepPermissions bool, p *co
 		ref2,
 		cs.Options.CompressionType,
 		p.Rel(fmt.Sprintf("%s%s", p.GetPackage().GetFingerPrint(), ".package.tar")),
-		keepPermissions,
 		filter,
 	)
 	if err != nil {
diff --git a/pkg/compiler/compiler_test.go b/pkg/compiler/compiler_test.go
index 24f4f4c1..e1db2cfd 100644
--- a/pkg/compiler/compiler_test.go
+++ b/pkg/compiler/compiler_test.go
@@ -899,7 +899,7 @@ var _ = Describe("Compiler", func() {
 
 			img, err := b.ImageReference(fmt.Sprintf("%s:%s", imageName, artifacts[0].Runtime.ImageID()), true)
 			Expect(err).ToNot(HaveOccurred())
-			_, path, err := image.Extract(ctx, img, false, nil)
+			_, path, err := image.Extract(ctx, img, nil)
 			Expect(err).ToNot(HaveOccurred())
 			defer os.RemoveAll(path) // clean up
 
@@ -907,7 +907,7 @@ var _ = Describe("Compiler", func() {
 
 			img, err = b.ImageReference(fmt.Sprintf("%s:%s", imageName, artifacts[1].Runtime.GetMetadataFilePath()), true)
 			Expect(err).ToNot(HaveOccurred())
-			_, path, err = image.Extract(ctx, img, false, nil)
+			_, path, err = image.Extract(ctx, img, nil)
 			Expect(err).ToNot(HaveOccurred())
 			defer os.RemoveAll(path) // clean up
 
diff --git a/pkg/helpers/docker/docker.go b/pkg/helpers/docker/docker.go
index bb10e017..0aeb80b1 100644
--- a/pkg/helpers/docker/docker.go
+++ b/pkg/helpers/docker/docker.go
@@ -174,7 +174,6 @@ func DownloadAndExtractDockerImage(ctx *luettypes.Context, image, dest string, a
 		ctx,
 		img,
 		dest,
-		true,
 		nil,
 	)
 	if err != nil {
diff --git a/pkg/installer/repository_docker.go b/pkg/installer/repository_docker.go
index f141303e..e13cd53a 100644
--- a/pkg/installer/repository_docker.go
+++ b/pkg/installer/repository_docker.go
@@ -204,7 +204,6 @@ func (d *dockerRepositoryGenerator) Generate(r *LuetSystemRepository, imagePrefi
 			d.context,
 			img,
 			repoTemp,
-			d.context.Config.GetGeneral().SameOwner,
 			nil,
 		)
 		if err != nil {