util/selinux: add gefilecon helper

Add a simple helper that gets the security context for a given path as a plain string.
2020-06-13 19:37:06 +02:00 · 2020-06-13 19:37:06 +02:00 · 0cf581a9a4
commit 0cf581a9a4
parent 85cd334945
1 changed files with 8 additions and 0 deletions
--- a/osbuild/util/selinux.py
+++ b/osbuild/util/selinux.py
@ -1,5 +1,6 @@
 """SELinux utility functions"""

+import os
 import subprocess

 from typing import Dict, TextIO
@ -46,3 +47,10 @@ def setfiles(spec_file: str, root: str, *paths):
                        spec_file,
                        f"{root}{path}"],
                       check=True)
+
+
+def getfilecon(path: str) -> str:
+    """Get the security context associated with `path`"""
+    label = os.getxattr(path, b"security.selinux",
+                        follow_symlinks=False)
+    return label.decode().strip('\n\0')