AVCs when printing from firefox...
Tom London
selinux at gmail.com
Mon Jun 26 17:20:26 UTC 2006
Running targeted/enforcing, latest rawhide.
Trying to print from firefox, I get:
type=AVC msg=audit(1151341517.216:697): avc: denied { recv } for
pid=2965 comm="firefox-bin" saddr=127.0.0.1 src=50209 daddr=127.0.0.1
dest=631 netif=lo scontext=system_u:system_r:cupsd_t:s0-s0:c0.c255
tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
type=AVC msg=audit(1151341520.217:698): avc: denied { recv } for
saddr=127.0.0.1 src=50209 daddr=127.0.0.1 dest=631 netif=lo
scontext=system_u:system_r:cupsd_t:s0-s0:c0.c255
tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
type=AVC msg=audit(1151341526.217:699): avc: denied { recv } for
saddr=127.0.0.1 src=50209 daddr=127.0.0.1 dest=631 netif=lo
scontext=system_u:system_r:cupsd_t:s0-s0:c0.c255
tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
type=AVC msg=audit(1151341538.217:700): avc: denied { recv } for
saddr=127.0.0.1 src=50209 daddr=127.0.0.1 dest=631 netif=lo
scontext=system_u:system_r:cupsd_t:s0-s0:c0.c255
tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
type=AVC msg=audit(1151341562.219:701): avc: denied { recv } for
saddr=127.0.0.1 src=50209 daddr=127.0.0.1 dest=631 netif=lo
scontext=system_u:system_r:cupsd_t:s0-s0:c0.c255
tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Doing a 'setenforce 0' and retrying yields:
type=AVC msg=audit(1151342357.528:780): avc: denied { recv } for
pid=3943 comm="firefox-bin" saddr=127.0.0.1 src=47782 daddr=127.0.0.1
dest=631 netif=lo scontext=system_u:system_r:cupsd_t:s0-s0:c0.c255
tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
type=AVC msg=audit(1151342357.528:780): avc: denied { send } for
pid=3943 comm="firefox-bin" saddr=127.0.0.1 src=631 daddr=127.0.0.1
dest=47782 netif=lo scontext=system_u:system_r:cupsd_t:s0-s0:c0.c255
tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
type=SYSCALL msg=audit(1151342357.528:780): arch=40000003 syscall=102
success=yes exit=0 a0=3 a1=bfbf8db0 a2=4703c3f4 a3=0 items=0 ppid=3938
pid=3943 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500
sgid=500 fsgid=500 tty=(none) comm="firefox-bin"
exe="/usr/lib/firefox-1.5.0.4/firefox-bin"
subj=user_u:system_r:unconfined_t:s0
type=SOCKADDR msg=audit(1151342357.528:780):
saddr=020002777F0000010000000000000000
type=SOCKETCALL msg=audit(1151342357.528:780): nargs=3 a0=27 a1=b6d875c a2=10
type=AVC msg=audit(1151342370.197:781): avc: denied { send } for
pid=4108 comm="hp" saddr=127.0.0.1 src=43162 daddr=127.0.0.1
dest=50000 netif=lo scontext=system_u:system_r:cupsd_t:s0-s0:c0.c255
tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
type=AVC msg=audit(1151342370.197:781): avc: denied { recv } for
pid=4108 comm="hp" saddr=127.0.0.1 src=43162 daddr=127.0.0.1
dest=50000 netif=lo scontext=system_u:system_r:hplip_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
type=AVC msg=audit(1151342370.197:781): avc: denied { send } for
pid=4108 comm="hp" saddr=127.0.0.1 src=50000 daddr=127.0.0.1
dest=43162 netif=lo scontext=system_u:system_r:hplip_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
type=AVC msg=audit(1151342370.197:781): avc: denied { recv } for
pid=4108 comm="hp" saddr=127.0.0.1 src=50000 daddr=127.0.0.1
dest=43162 netif=lo scontext=system_u:system_r:cupsd_t:s0-s0:c0.c255
tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
type=SYSCALL msg=audit(1151342370.197:781): arch=40000003 syscall=102
success=yes exit=0 a0=3 a1=bf86ac50 a2=804d110 a3=804d1a4 items=0
ppid=2246 pid=4108 auid=4294967295 uid=4 gid=7 euid=4 suid=4 fsuid=4
egid=7 sgid=7 fsgid=7 tty=(none) comm="hp"
exe="/usr/lib/cups/backend/hp"
subj=system_u:system_r:cupsd_t:s0-s0:c0.c255
type=SOCKADDR msg=audit(1151342370.197:781):
saddr=0200C3507F0000010000000000000000
type=SOCKETCALL msg=audit(1151342370.197:781): nargs=3 a0=4 a1=bf86ac78 a2=10
tom
--
Tom London
More information about the fedora-selinux-list
mailing list