When a path has no context, for example, when the file was created when
selinux was disabled, selinux.restorecon(path) will fail:
>>> selinux.restorecon('/etc/multipath.conf.new')
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib64/python2.7/site-packages/selinux/__init__.py", line 88,
in restorecon
status, oldcontext = lgetfilecon(path)
OSError: [Errno 61] No data available
This failure does not seems to be useful, as we can successfully match
the context for this path using selinux.matchpathcon(), and set it
successfully using selinux.chcon(). The failure is caused by trying to
avoid the lsetfilecon() call if the current context is does not need
update.
This patch handles this specific error from lgetfilecon(), preventing
this failure.
Signed-off-by: Nir Soffer <nsoffer@xxxxxxxxxx>
---
libselinux/src/selinuxswig_python.i | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/libselinux/src/selinuxswig_python.i b/libselinux/src/selinuxswig_python.i
index c9a2341..8cea18d 100644
--- a/libselinux/src/selinuxswig_python.i
+++ b/libselinux/src/selinuxswig_python.i
@@ -8,7 +8,7 @@
%pythoncode %{
-import shutil, os, stat
+import shutil, os, errno, stat
DISABLED = -1
PERMISSIVE = 0
@@ -26,7 +26,12 @@ def restorecon(path, recursive=False):
status, context = matchpathcon(path, mode)
if status == 0:
- status, oldcontext = lgetfilecon(path)
+ try:
+ status, oldcontext = lgetfilecon(path)
+ except OSError as e:
+ if e.errno != errno.ENODATA:
+ raise
+ oldcontext = None
if context != oldcontext:
lsetfilecon(path, context)
--
2.4.3
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
