diff --git a/libselinux/man/man8/matchpathcon.8 b/libselinux/man/man8/matchpathcon.8 index c1b00c0f..26ce74c9 100644 --- a/libselinux/man/man8/matchpathcon.8 +++ b/libselinux/man/man8/matchpathcon.8 @@ -3,7 +3,7 @@ matchpathcon \- get the default SELinux security context for the specified path from the file contexts configuration. .SH "SYNOPSIS" -.B matchpathcon [-V] [-N] [-n] [-f file_contexts_file ] [-p prefix ] filepath... +.B matchpathcon [-V] [-N] [-n] [-m type] [-f file_contexts_file ] [-p prefix ] filepath... .SH "DESCRIPTION" .B matchpathcon queries the system policy and outputs the default security context associated with the filepath. @@ -14,6 +14,10 @@ Note: Identical paths can have different security contexts, depending on the fil will also take the file type into consideration in determining the default security context if the file exists. If the file does not exist, no file type matching will occur. .SH OPTIONS +.B \-m type +Force file type for the lookup. +Valid types are file, dir, pipe, chr_file, blk_file, lnk_file, sock_file + .B \-n Do not display path. diff --git a/libselinux/utils/matchpathcon.c b/libselinux/utils/matchpathcon.c index b1adadd8..dd5aaa36 100644 --- a/libselinux/utils/matchpathcon.c +++ b/libselinux/utils/matchpathcon.c @@ -43,9 +43,32 @@ static int printmatchpathcon(const char *path, int header, int mode) return 0; } +static mode_t string_to_mode(char *s) +{ + switch (s[0]) { + case 'b': + return S_IFBLK; + case 'c': + return S_IFCHR; + case 'd': + return S_IFDIR; + case 'p': + return S_IFIFO; + case 'l': + return S_IFLNK; + case 's': + return S_IFSOCK; + case 'f': + return S_IFREG; + default: + return -1; + }; + return -1; +} + int main(int argc, char **argv) { - int i, init = 0; + int i, init = 0, force_mode = 0; int header = 1, opt; int verify = 0; int notrans = 0; 
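Review bot: string_to_mode() looks only at `s[0]`, so `-m foo` is accepted as a regular file and `-m socket` or `-m symlink` as sock_file, although the man page lists exactly seven type names; a mistyped type then yields a context for the wrong object class with no error. Matching the whole string against those names would reject typos. The helper also returns `-1` through `mode_t`, which is unsigned on Linux, so the `force_mode < 0` test in the `-m` case of main() (next hunk) holds only via an implementation-defined conversion back to `int`; returning `int` avoids that. The sketch below assumes `<string.h>` is already included in this file.

```c
static int string_to_mode(const char *s)
{
	static const struct {
		const char *name;
		mode_t mode;
	} types[] = {
		{ "file", S_IFREG },
		{ "dir", S_IFDIR },
		{ "pipe", S_IFIFO },
		{ "chr_file", S_IFCHR },
		{ "blk_file", S_IFBLK },
		{ "lnk_file", S_IFLNK },
		{ "sock_file", S_IFSOCK },
	};
	size_t i;

	/* Accept only the exact names documented in matchpathcon(8). */
	for (i = 0; i < sizeof(types) / sizeof(types[0]); i++) {
		if (strcmp(s, types[i].name) == 0)
			return (int)types[i].mode;
	}
	return -1;
}
```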
@@ -55,11 +78,18 @@ int main(int argc, char **argv) if (argc < 2) usage(argv[0]); - while ((opt = getopt(argc, argv, "Nnf:p:Vq")) > 0) { + while ((opt = getopt(argc, argv, "m:Nnf:p:Vq")) > 0) { switch (opt) { case 'n': header = 0; break; + case 'm': + force_mode = string_to_mode(optarg); + if (force_mode < 0) { + fprintf(stderr, "%s: mode %s is invalid\n", argv[0], optarg); + exit(1); + } + break; case 'V': verify = 1; break; @@ -116,6 +146,8 @@ int main(int argc, char **argv) if (lstat(path, &buf) == 0) mode = buf.st_mode; + if (force_mode) + mode = force_mode; if (verify) { rc = selinux_file_context_verify(path, mode);
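Review bot: The new `-m` branch reports `mode %s is invalid` without saying which values are accepted, and no hunk visible here adds `-m` to whatever usage() prints. Suggest naming the accepted values in the message, e.g. `"%s: invalid type %s (expected file, dir, pipe, chr_file, blk_file, lnk_file or sock_file)\n"`, and adding `[-m type]` to the usage text if it enumerates the options. main() begins and ends outside this hunk.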
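Review bot: The override `if (force_mode) mode = force_mode;` also applies on the `-V` path, so selinux_file_context_verify() is called with the forced type even when lstat() succeeded and reported a different one; the verification result then no longer describes the object on disk. If that is intended, a comment such as `/* -m replaces the lstat() type, also for -V on existing paths */` would make it explicit; otherwise consider rejecting `-m` together with `-V`. The enclosing block starts and ends outside the hunk.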