Bug 1904059

Summary: semanage-fcontext documentation does not explain regular expressions
Product: Red Hat Enterprise Linux 8 Reporter: Alain D D Williams <addw>
Component: policycoreutilsAssignee: Vit Mojzis <vmojzis>
Status: CLOSED ERRATA QA Contact: Milos Malik <mmalik>
Severity: low Docs Contact:
Priority: medium    
Version: 8.0CC: dwalsh, lvrabec, mmalik, plautrba, ssekidde, vmojzis
Target Milestone: rcKeywords: Triaged
Target Release: 8.0   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-05-18 15:09:18 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Alain D D Williams 2020-12-03 12:51:22 UTC 
Description of problem:

man semanage-fcontext

Contains "This command maps file paths using regular expressions to SELinux labels" - but it does not say what sort of regular expressions: eg POSIX, Perl, ... and any extensions/restrictions. The only example anywhere seems to be (/.*)? -- OK, not quite true but I look at this and feel very unsure as to what I can/cannot use.
Comment 1 Petr Lautrbach 2020-12-26 16:31:14 UTC 
It's PCRE, see https://github.com/SELinuxProject/selinux-notebook/blob/51a1d128d5112f5022f54994a9ab669c4c1f389d/src/policy_store_config_files.md#building-the-file-labeling-support-files adn https://github.com/SELinuxProject/selinux-notebook/blob/51a1d128d5112f5022f54994a9ab669c4c1f389d/src/policy_config_files.md#contextsfilesfile_contexts 

The man page should mention it as well. Thanks for the bug report.
Comment 2 Alain D D Williams 2020-12-26 17:50:10 UTC 
Ah: PCRE - thanks.

What regular expression flags are in effect ? I assume that there is not a way of specifying them; the 'i' (case-insensitive) not being set.
Is 'u' (Unicode) set, eg will a.b match a£b ? Is this affected by $LANG ?

You might also mention that '/' is not a special character -- to clearly distance itself what happens in shell globbing.
Many will understand, but no harm in being nice to novices!

Thanks for picking this up.
Comment 3 Petr Lautrbach 2021-02-11 12:55:50 UTC 
https://lore.kernel.org/selinux/20210210170529.1395705-1-vmojzis@redhat.com/T/#u
Comment 4 Alain D D Williams 2021-02-11 13:23:59 UTC 
Brilliant - questions answered, thanks.
Comment 12 errata-xmlrpc 2021-05-18 15:09:18 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (policycoreutils bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:1715