cups, /dev/fd
Tom London
selinux at comcast.net
Fri Sep 17 01:22:32 UTC 2004
Running strict/enforcing, latest from Dan's tree.
Printing (say, from openoffice) yields:
Sep 16 18:01:39 fedora kernel: audit(1095382899.718:0): avc: denied {
read } for pid=10941 exe=/usr/bin/perl name=fd dev=tmpfs ino=2794
scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:device_t
tclass=lnk_file
Sep 16 18:01:39 fedora kernel: audit(1095382899.718:0): avc: denied {
read } for pid=10941 exe=/usr/bin/perl name=fd dev=tmpfs ino=2794
scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:device_t
tclass=lnk_file
inode 2794 is /dev/fd.
Make sense to add?
dontaudit cupsd_t device_t:lnk_file { read };
tom
More information about the fedora-selinux-list
mailing list