lpoptions, printing from firefox. mozilla_macros.te?
Tom London
selinux at gmail.com
Thu Dec 2 16:52:56 UTC 2004
Running strict/enforcing, latest Rawhide.
Each time I boot, /etc/cups/lpoptions
appears to be created with the 'wrong'
type: cupsd_etc_t instead of
cupsd_rw_etc_t.
Printing from firefox produces the following
avc's complaining about accessing /etc/cups/lpoptions
in either case.
Does mozilla_macros.te need:
ifdef(`cups.te', `
allow $1_mozilla_t cupsd_etc_t:dir search;
+allow user_mozilla_t cupsd_rw_etc_t:file read;
')
I'm still working on figuring out why lpoptions
is getting the wrong type.....
tom
Dec 2 07:27:56 fedora kernel: audit(1102001276.342:0): avc: denied
{ read } for pid=3363 exe=/usr/lib/firefox-1.0/firefox-bin
name=lpoptions dev=hda2 ino=4474994
scontext=user_u:user_r:user_mozilla_t
tcontext=system_u:object_r:cupsd_rw_etc_t tclass=file
Dec 2 07:27:56 fedora kernel: audit(1102001276.695:0): avc: denied
{ read } for pid=3363 exe=/usr/lib/firefox-1.0/firefox-bin
name=lpoptions dev=hda2 ino=4474994
scontext=user_u:user_r:user_mozilla_t
tcontext=system_u:object_r:cupsd_rw_etc_t tclass=file
Dec 2 07:28:00 fedora kernel: audit(1102001280.378:0): avc: denied
{ read } for pid=3363 exe=/usr/lib/firefox-1.0/firefox-bin
name=lpoptions dev=hda2 ino=4474994
scontext=user_u:user_r:user_mozilla_t
tcontext=system_u:object_r:cupsd_rw_etc_t tclass=file
--
Tom London
More information about the fedora-selinux-list
mailing list