This allows sepolgen to generate policy from AVC messages that contain contexts translated by mcstrans. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1356149 Signed-off-by: Vit Mojzis <vmojzis@xxxxxxxxxx> --- python/sepolgen/src/sepolgen/refpolicy.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/python/sepolgen/src/sepolgen/refpolicy.py b/python/sepolgen/src/sepolgen/refpolicy.py index 2ee029c1..352b1878 100644 --- a/python/sepolgen/src/sepolgen/refpolicy.py +++ b/python/sepolgen/src/sepolgen/refpolicy.py @@ -284,6 +284,11 @@ class SecurityContext(Leaf): Raises ValueError if the string is not parsable as a security context. """ + # try to translate the context string to raw form + raw = selinux.selinux_trans_to_raw_context(context) + if raw[0] == 0: + context = raw[1] + fields = context.split(":") if len(fields) < 3: raise ValueError("context string [%s] not in a valid format" % context) -- 2.14.3
