Hi, I'm using the python selinux bindings to determine if SELinux is disable/permissive/enforcing. The following snippet of code works just fine on RH5 and F10 regardless of the SELinux mode, but fails with an error on F11/12/13 and RH6 if SELinux is disabled. $ python -c 'import selinux ; print selinux.security_getenforce()' Under RH5 and F10 I correctly get the -1/0/1 returns for disabled/permissive/enforcing, as specified in the man pages for 'security_getenforce'. Under F11/12/13 and RH6 for permissive and enforcing I get the correct return values, but if the system is in disabled mode instead an OSError is thrown for 'No such file or directory'. I haven't look at the source for the underlying security_getenforce() system call, but I suspect is is assuming that the /selinux pseudo filesystem is populated (as in permissive/enforcing mode), and is not handling the case where that pseudo filesystem is empty. For now I've got my python calls wrapped in try/except blocks treating any exception as SELinux in disabled mode. I wasn't sure where the best place to log this as a bug is, either for the libselinux-python package or libselinux itself. -Rob -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
