Previously, when the SELinux context was not defined in the SELinux context
database, as in the example below, udica crashed when it tried to get the
context of such a directory.
This commit fixes the issue by using selinux.getfilecon to get the SELinux
context of such a file from the extended attributes of the filesystem.
Fixes: #26
# matchpathcon /tmp/test
/tmp/test <<none>>
# podman run -it --rm --name server -v /tmp/test:/tmp/test fedora:latest bash
# podman inspect -l | sudo udica testudica
Traceback (most recent call last):
  File "/bin/udica", line 11, in <module>
    load_entry_point('udica==0.1.7', 'console_scripts', 'udica')()
  File "/usr/lib/python3.7/site-packages/udica/__main__.py", line 109, in main
    create_policy(opts, container_caps, container_mounts, container_ports)
  File "/usr/lib/python3.7/site-packages/udica/policy.py", line 173, in create_policy
    contexts = list_contexts(item['source'])
  File "/usr/lib/python3.7/site-packages/udica/policy.py", line 65, in list_contexts
    contexts.append(context.split(':')[2])
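The fallback described in the commit message, as an added sketch that is not udica's own code: the type field is only read from a well-formed context, and when the database answers `<<none>>` the label stored on the file is used instead. `type_from_context`, `resolve_type` and the two sample lookups are hypothetical names, and the sample contexts are constructed; on a real host the second lookup would wrap `selinux.getfilecon`.

```python
import errno

NO_CONTEXT = "<<none>>"  # printed by matchpathcon when the database assigns no label


def type_from_context(context):
    """Return the type field of 'user:role:type[:range]', or None if absent."""
    if not context or context == NO_CONTEXT:
        return None
    fields = context.split(":")
    # Indexing [2] without this check is what fails on '<<none>>'.
    if len(fields) < 3 or not fields[2]:
        return None
    return fields[2]


def resolve_type(path, db_lookup, xattr_lookup):
    """Try the context database first, then the label stored on the file."""
    for source, lookup in (("database", db_lookup), ("xattr", xattr_lookup)):
        try:
            context = lookup(path)
        except OSError:
            continue  # no entry or no label: try the next source
        selinux_type = type_from_context(context)
        if selinux_type:
            return selinux_type, source
    return None, None


# Constructed stand-ins for the two lookups (hypothetical data, not real output).
SAMPLE_DB = {"/tmp/test": NO_CONTEXT, "/home": "system_u:object_r:home_root_t:s0"}
SAMPLE_XATTR = {"/tmp/test": "unconfined_u:object_r:user_tmp_t:s0:c1,c2"}


def sample_db_lookup(path):
    return SAMPLE_DB[path] if path in SAMPLE_DB else NO_CONTEXT


def sample_xattr_lookup(path):
    if path not in SAMPLE_XATTR:
        raise OSError(errno.ENODATA, "no security.selinux attribute", path)
    return SAMPLE_XATTR[path]


if __name__ == "__main__":
    for p in ("/home", "/tmp/test", "/mnt/unlabeled"):
        print(p, resolve_type(p, sample_db_lookup, sample_xattr_lookup))
```

A path with neither a database entry nor an on-disk label yields `(None, None)`, so the caller can skip it rather than crash.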