"Brian J. Murrell" <brian(a)interlinx.bc.ca> writes:
It's not clear to me in which ways the restorecon() python
binding can return an error/failure?
Can it raise an exception or does it always simply report errors in it's return code?
I.e. I need to do:
rc = selinux.restorecon(path)
if rc != 0:
[error handling]
And/or do I need a try/except block around restorecon() as something it calls could raise
an exception?
I have seen reference to code that calls it as such:
try:
selinux.restorecon(path)
except selinux.SELinuxError:
[error handling]
selinux.restorecon() is a python swig wrapper around
selinux_restorecon_parallel() which is a generated libselinux python
binding:
https://github.com/SELinuxProject/selinux/blob/main/libselinux/src/selinu...
https://github.com/SELinuxProject/selinux/blob/main/libselinux/src/selinu...
Based on this, you need to use try/except block around selinux.restorecon() if
you want to handle errors.
>> import selinux
>> selinux.restorecon('/root/ahoj')
lstat(/var/roothome/ahoj) failed:
Permission denied
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib64/python3.12/site-packages/selinux/__init__.py", line 93, in
restorecon
selinux_restorecon_parallel(os.path.expanduser(path), restorecon_flags, nthreads)
File "/usr/lib64/python3.12/site-packages/selinux/__init__.py", line 451, in
selinux_restorecon_parallel
return _selinux.selinux_restorecon_parallel(pathname, restorecon_flags, nthreads)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
PermissionError: [Errno 13] Permission denied