This allows sepolgen to generate policy from AVC messages that contain
contexts translated by mcstrans.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1356149

Signed-off-by: Vit Mojzis <vmoj...@redhat.com>
---
 python/sepolgen/src/sepolgen/refpolicy.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/python/sepolgen/src/sepolgen/refpolicy.py 
b/python/sepolgen/src/sepolgen/refpolicy.py
index 2ee029c1..352b1878 100644
--- a/python/sepolgen/src/sepolgen/refpolicy.py
+++ b/python/sepolgen/src/sepolgen/refpolicy.py
@@ -284,6 +284,11 @@ class SecurityContext(Leaf):
 
         Raises ValueError if the string is not parsable as a security context.
         """
+        # try to translate the context string to raw form
+        raw = selinux.selinux_trans_to_raw_context(context)
+        if raw[0] == 0:
+            context = raw[1]
+
         fields = context.split(":")
         if len(fields) < 3:
             raise ValueError("context string [%s] not in a valid format" % 
context)
-- 
2.14.3


Reply via email to