When a file name in type transition rule used in an interface is same as a keyword, it needs to be M4 escaped so that the keyword is not expanded by M4, e.g. - filetrans_pattern($1, virt_var_run_t, virtinterfaced_var_run_t, dir, "interface") + filetrans_pattern($1, virt_var_run_t, virtinterfaced_var_run_t, dir, "``interface''") But sepolgen-ifgen could not parse such string: # sepolgen-ifgen Illegal character '`' This change allows M4 escaping inside quoted strings and fixed described problem. https://bugzilla.redhat.com/show_bug.cgi?id=2254206 Signed-off-by: Petr Lautrbach <lautrbach@xxxxxxxxxx> --- python/sepolgen/src/sepolgen/refparser.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python/sepolgen/src/sepolgen/refparser.py b/python/sepolgen/src/sepolgen/refparser.py index e261d3f78f87..9622ee9a29ce 100644 --- a/python/sepolgen/src/sepolgen/refparser.py +++ b/python/sepolgen/src/sepolgen/refparser.py @@ -261,7 +261,7 @@ def t_IDENTIFIER(t): return t def t_FILENAME(t): - r'\"[a-zA-Z0-9_\-\+\.\$\*~ :\[\]]+\"' + r'\"`*[a-zA-Z0-9_\-\+\.\$\*~ :\[\]]+\'*\"' # Handle any keywords t.type = reserved.get(t.value,'FILENAME') return t -- 2.46.0