selinux denying a cups printer [followup]
Gene Heskett
gene.heskett at verizon.net
Fri Nov 28 17:33:53 UTC 2008
On Friday 28 November 2008, Gene Heskett wrote:
>Greetings;
>
>Uptodate F8, targeted setting
>
>host=coyote.coyote.den type=AVC msg=audit(1227891049.940:679): avc: denied {
>execute } for pid=6486 comm="cupsd" name="lp3" dev=sda3 ino=104400725
>scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023
>tcontext=system_u:object_r:cupsd_rw_etc_t:s0 tclass=file
>
>host=coyote.coyote.den type=SYSCALL msg=audit(1227891049.940:679):
>arch=40000003 syscall=33 success=no exit=-13 a0=bff13656 a1=1 a2=b7f17ff4
>a3=b7f18a3c items=0 ppid=6485 pid=6486 auid=0 uid=0 gid=0 euid=0 suid=0
>fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="cupsd"
>exe="/usr/sbin/cupsd" subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023
>key=(null)
>
>The troubleshooters recommended fix is a restorecon -v './lp3'
>
>The only ./lp3 I could find was in /etc/cups.d/interfaces/lp3, and while it
>did change the context of the file, it does not fix the problem. This
>particular driver ppd is the lpr and cupswrapper of the HL2140 driver kit
>from Brother, and apparently is installed in a /usr/local/Brother subdir by
>their rpms.
>
>All this did work flawlessly before I had a drive failure, and it worked
> after an Fu8 install, but failed sometime in the nearly 2 weeks uptime, as
> did all my other printer profiles, which I have now deleted and rebuilt,
> and work except for this one.
>
>I am going to try touching /.autorelabel and reboot again see if that helps.
>However, nothing happened the last time I tried that 2 weeks ago...
The autorelabel was done, but it didn't help.
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Anyone can hold the helm when the sea is calm.
-- Publius Syrus
More information about the fedora-selinux-list
mailing list