SELinux denying Brother printer to CUPS
William Cohen
wcohen at redhat.com
Mon Nov 12 13:21:08 UTC 2007
Simon Slater wrote:
> G'day again,
> I am setting up a Brother MFC665CW in F7. As far as I know I have
> followed the Brother instructions and FAQ. It prints fine via USB.
> When sending a CUPS test page these avc denials are given:
> 1/
> avc: denied { write } for comm="brprintconf_mfc" dev=dm-0 egid=7 euid=4
> exe="/usr/bin/brprintconf_mfc665cw" exit=-13 fsgid=7 fsuid=4 gid=7
> items=0
> name="inf" pid=3089 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023
> sgid=7
> subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 suid=4 tclass=dir
> tcontext=root:object_r:usr_t:s0 tty=(none) uid=4
> 2/
> avc: denied { append } for comm="sh" dev=dm-0 egid=7 euid=4
> exe="/bin/bash"
> exit=-13 fsgid=7 fsuid=4 gid=7 items=0 name="txreport.log" pid=5852
> scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 sgid=7
> subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 suid=4 tclass=file
> tcontext=root:object_r:usr_t:s0 tty=(none) uid=4
> 3/
> avc: denied { write } for comm="sh" dev=dm-0 egid=7 euid=4
> exe="/bin/bash"
> exit=-13 fsgid=7 fsuid=4 gid=7 items=0 name="txreport.log" pid=5852
> scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 sgid=7
> subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 suid=4 tclass=file
> tcontext=root:object_r:usr_t:s0 tty=(none) uid=4
> 4/
> avc: denied { execute } for comm="brlpdwrappermfc" dev=dm-0 egid=7
> euid=4
> exe="/bin/bash" exit=-13 fsgid=7 fsuid=4 gid=7 items=0
> name="filtermfc665cw"
> pid=3541 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 sgid=7
> subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 suid=4 tclass=file
> tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=4
> 5/
> avc: denied { execute } for comm="brlpdwrappermfc" dev=dm-0 egid=7
> euid=4
> exe="/bin/bash" exit=-13 fsgid=7 fsuid=4 gid=7 items=0
> name="brcupsconfpt1"
> pid=3539 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 sgid=7
> subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 suid=4 tclass=file
> tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=4
> 6/
> avc: denied { execute_no_trans } for comm="cupsd" dev=dm-0 egid=7 euid=4
> exe="/usr/sbin/cupsd" exit=-13 fsgid=7 fsuid=4 gid=7 items=0
> name="brlpdwrappermfc665cw"
> path="/usr/lib/cups/filter/brlpdwrappermfc665cw"
> pid=3257 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 sgid=7
> subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 suid=4 tclass=file
> tcontext=root:object_r:lib_t:s0 tty=(none) uid=4
>
> I have followed the advice of setroubleshoot and have:
> touch /.autorelabel; reboot
> but still no change.
>
> There seems to be many files involved. What is the source of the
> problem? SEtroubleshoot suggests local policy rules (reading up on that
> now in FC5 selinux FAQ) but how many will be needed? One for each type
> of denial.
>
> Any help greatly appreciated. I've been fiddling with this for over a
> week now :(
>
I had similar problems with setting up a Brother MCF5640cn on an F8 machine.
Have you tried the steps listed at the following URL?
http://solutions.brother.com/linux/sol/printer/linux/linux_faq-2.html#30
-Will
More information about the fedora-list
mailing list