fcontext detection fails if pattern contains square brackets #105

Closed
BrianSipos opened this issue Jul 1, 2016 · 3 comments

@BrianSipos

As of 0.4.0 the fcontext parameter pathname is passed directly to grep in order to detect if the path is already defined as a context. Unfortunately, this detection fails if the pathname contains square brackets used in the path expression itself. Because these grep-interpreted characters are not escaped, they will be treated as actual pattern modifiers by grep rather than as literal characters.

An example is my pathname /var/lib/trac/projects/[^/]+(/.*)? which should be escaped prior to using as parameter to grep as /var/lib/trac/projects/\[^/\]+(/.*)?.

@pietervogelaar

I have this same problem. No escaping happened, so this will fail:

semanage fcontext -l | grep -E "^/var/www(/.*)?/cache(/.*)?.*:httpd_sys_rw_content_t:"

@EternalNoob0

I have the same problem: the detection fails if the pathname contains square brackets used in the path expression itself.
Below is my example:
Mkhomedir/Selinux::Fcontext[set-non-home-user-dir_type_d]/Exec[restorecond add_user_home_dir_t_/opshome/[^/]_type_d]: Failed to call refresh: restorecon /opshome/[^/] returned 255 instead of one of [0]

@TJM
Contributor

TJM commented Aug 9, 2016

I am having the same issue with /web/[^/]+/\.ssh(/.*)?...

We will either need to have some sort of "regex_escape" capability, or maybe grep -F:

semanage fcontext -l | grep -F '/web/[^/]+/\.ssh(/.*)?' | grep ':ssh_home_t:'

... seems to work, but I don't know if "grep -F" can be depended upon to exist?

@ashishvadhau you and I are also having a different problem: #107 ... restorecon is failing due to unescaped input ending up on the shell, but as I noted there, it's probably not a good idea to run restorecon "like this" (wish I had a better solution)
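
The two options raised in this thread, escaping the pathname before `grep -E` or not matching it as a regex at all, shown side by side as an added example that is not the module's own code. The `semanage fcontext -l` listing is a constructed sample, the function names are hypothetical, and the escape covers every POSIX ERE special character rather than only the square brackets.

```shell
#!/bin/sh
# Constructed sample in the column layout printed by `semanage fcontext -l`.
sample_listing() {
cat <<'EOF'
SELinux fcontext                      type       Context

/var/www(/.*)?                        all files  system_u:object_r:httpd_sys_content_t:s0
/var/www(/.*)?/cache(/.*)?            all files  system_u:object_r:httpd_sys_rw_content_t:s0
/var/lib/trac/projects/[^/]+(/.*)?    all files  system_u:object_r:httpd_sys_rw_content_t:s0
/web/[^/]+/\.ssh(/.*)?                all files  system_u:object_r:ssh_home_t:s0
EOF
}

# Backslash-escape the POSIX ERE special characters . [ \ ( ) * + ? { | ^ $
# so that grep -E matches the pathspec as literal text.
ere_escape() {
    printf '%s\n' "$1" | sed 's/[[\.()*+?{|^$]/\\&/g'
}

# The check in the form quoted in the thread: pathspec pasted into the ERE as-is.
defined_unescaped() {
    sample_listing | grep -E "^$1.*:$2:" >/dev/null
}

# Same check with the pathspec escaped and bounded by the column whitespace,
# so a longer pathspec sharing the same prefix is not counted as a match.
defined_escaped() {
    sample_listing | grep -E "^$(ere_escape "$1")[[:space:]].*:$2:" >/dev/null
}

# Regex-free variant: exact string comparison on the first column and on the
# type field of the context. Values go through ENVIRON because `awk -v`
# would rewrite backslash sequences such as the one in /web/[^/]+/\.ssh(/.*)?
defined_exact() {
    sample_listing | PATHSPEC="$1" SETYPE="$2" awk '
        { n = split($NF, ctx, ":") }
        $1 == ENVIRON["PATHSPEC"] && n >= 3 && ctx[3] == ENVIRON["SETYPE"] { found = 1 }
        END { exit(found ? 0 : 1) }'
}

# Demo: the pathspec from the second comment, checked all three ways.
p='/var/www(/.*)?/cache(/.*)?'; t=httpd_sys_rw_content_t
for check in defined_unescaped defined_escaped defined_exact; do
    if "$check" "$p" "$t"; then echo "$check: found"; else echo "$check: not found"; fi
done
```
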
