Selinux Problems
Paolo Galtieri
pgaltieri at gmail.com
Mon Oct 5 21:27:14 UTC 2009
On Mon, Oct 5, 2009 at 2:13 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:
> On 10/05/2009 03:22 PM, Paolo Galtieri wrote:
> > On Mon, Oct 5, 2009 at 11:11 AM, Daniel J Walsh <dwalsh at redhat.com>
> wrote:
> >
> >> On 10/05/2009 02:08 PM, Jim wrote:
> >>> FC11/Kde
> >>>
> >>> Trying to print on a Samsung CLX-3175FN.
> >>> Selinux is playing havoc with printer drivers, these drivers are from
> >>> Samsung and I'm getting many Selinux Alerts, to many to keep running
> >>> Restorecon.
> >>> The printing is coming out with double columns with 1/8" white lines
> >>> down through text or pictures.
> >>> There are no GPL drivers for this printer, it's to New !
> >>>
> >>> If I disable Selinux, the printer will print normal.
> >>>
> >>> How do I relabel all the files on the computer ?
> >>> do I relabel from telinit 3 or what ?
> >>>
> >> Please show me the AVC's you are seeing. Or send me a compresses
> >> /var/log/audit/audit.log
> >>
> >> --
> >> fedora-list mailing list
> >> fedora-list at redhat.com
> >> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> >> Guidelines:
> >> http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
> >>
> >
> > I have seen the following SELinux alert:
> >
> > SELinux is preventing hp (hplip_t) "name_bind" howl_port_t.
> >
> > lpstat -t shows
> >
> > printer HP_Color_LaserJet_2605dn disabled since Thu 01 Oct 2009 09:36:23
> AM
> > MST -
> > /usr/lib/cups/backend/hp failed
> >
> > If I change the URI associated with the printer config from
> >
> > hp:/net/HP_Color_laserjet_2605dn?zc=hpcolorjet
> >
> > to
> >
> > hp:/net/HP_Color_laserjet_2605dn?ip=192.168.10.71
> >
> > then the alerts go away.
> >
> > The printer is an HP printer and was configured using hp-setup.
> >
> > Paolo
> >
> >
> Could you grep for howl_port_t and attach the output
>
> grep howl_port_t /var/log/audit/audit.log
>
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> Guidelines:
> http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
>
type=AVC msg=audit(1254414474.185:50294): avc: denied { name_bind } for
pid=18462 comm="hp" src=5353
scontext=system_u:system_r:hplip_t:s0-s0:c0.c1023
tcontext=system_u:object_r:howl_port_t:s0 tclass=udp_socket
type=AVC msg=audit(1254414573.360:50295): avc: denied { name_bind } for
pid=18499 comm="hp" src=5353
scontext=system_u:system_r:hplip_t:s0-s0:c0.c1023
tcontext=system_u:object_r:howl_port_t:s0 tclass=udp_socket
type=AVC msg=audit(1254414980.894:50346): avc: denied { name_bind } for
pid=18699 comm="hp" src=5353
scontext=system_u:system_r:hplip_t:s0-s0:c0.c1023
tcontext=system_u:object_r:howl_port_t:s0 tclass=udp_socket
type=AVC msg=audit(1254415674.640:50382): avc: denied { name_bind } for
pid=18942 comm="hp" src=5353
scontext=system_u:system_r:hplip_t:s0-s0:c0.c1023
tcontext=system_u:object_r:howl_port_t:s0 tclass=udp_socket
type=AVC msg=audit(1254415783.474:50425): avc: denied { name_bind } for
pid=19012 comm="hp" src=5353
scontext=system_u:system_r:hplip_t:s0-s0:c0.c1023
tcontext=system_u:object_r:howl_port_t:s0 tclass=udp_socket
type=AVC msg=audit(1254415964.178:50441): avc: denied { name_bind } for
pid=19154 comm="hp" src=5353
scontext=system_u:system_r:hplip_t:s0-s0:c0.c1023
tcontext=system_u:object_r:howl_port_t:s0 tclass=udp_socket
Paolo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20091005/bd822a41/attachment-0001.htm>
More information about the fedora-list
mailing list