The HP PSC 1315 is recognized by FC4, print but not scan yet.
Stephen Smalley
sds at tycho.nsa.gov
Thu Jul 28 15:56:17 UTC 2005
On Thu, 2005-07-28 at 16:50 +0100, Tim Waugh wrote:
> On Thu, Jul 28, 2005 at 11:16:31AM -0400, Daniel J Walsh wrote:
>
> > Can you change classes.conf to cupsd_etc_rw_t?
> >
> > chcon -t cupsd_etc_rw_t classes.conf
> >
> > And see if it works?
>
> It's worth pointing out that I finally gave up and changed the way
> that system-config-printer writes out configuration files, just to
> make selinux happy. This week's Fedora Update contains that change,
> so possibly the reporter did not have that package updated.
>
> I had been getting it to write to a new file in the correct directory,
> then rename over the original file. The new way is to overwrite the
> original file and cross our fingers that CUPS doesn't want to read the
> file before we've finished writing it.
>
> Daniel, for the record: what is the recommended way for system tools
> to write configuration files?
Creating a new file and renaming it over the old one is obviously safer.
As far as the security context goes, you can either define an automatic
file type transition if the (process domain, parent directory type) is
sufficient to distinguish the file or you can have the program do an
explicit setfscreatecon() before creating the new file, either using the
result of a getfilecon() on the original file to get the old context or
using matchpathcon() to get it from the policy based on the path.
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list