Selinux, cups, hplip
Steven Stern
subscribed-lists at sterndata.com
Sat Jun 20 17:50:37 UTC 2009
On 06/20/2009 06:12 AM, Daniel J Walsh wrote:
> On 06/19/2009 07:10 PM, Steven Stern wrote:
>> After installing hplip-gui, I got selinux errors when checking on the
>> printer status.
>>
>> audit2allow generated the following policy
>>
>> module cups20090619 1.0;
>>
>> require {
>> type hwdata_t;
>> type xdm_t;
>> class dir search;
>> class file { read getattr open };
>> }
>>
>> #============= xdm_t ==============
>> allow xdm_t hwdata_t:dir search;
>> allow xdm_t hwdata_t:file { read getattr open };
>>
>>
> xdm is checking the printer status? This allow rule indicates the X
> Login program is checking the printer status. Could you attach the AVC's
> you used to generate this policy.
>
And here's another one related to hplip
type=AVC msg=audit(1245520061.974:38037): avc: denied { read } for
pid=25561 comm="python" name="mls" dev=selinuxfs ino=12
scontext=system_u:system_r:hplip_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=file
type=AVC msg=audit(1245520061.974:38037): avc: denied { read open }
for pid=25561 comm="python" name="mls" dev=selinuxfs ino=12
scontext=system_u:system_r:hplip_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=file
--
Steve
More information about the fedora-list
mailing list