Updated F8T2 - SELinux is preventing python (cupsd_config_t) "search" to hp (hplip_etc_t)
Daniel J Walsh
dwalsh at redhat.com
Tue Sep 18 16:13:31 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tim Waugh wrote:
> On Tue, 2007-09-18 at 05:48 -0700, Jim Hayward wrote:
>> avc: denied { search } for comm=python dev=sda2 name=hp pid=3414
>> scontext=system_u:system_r:cupsd_config_t:s0 tclass=dir
>> tcontext=system_u:object_r:hplip_etc_t:s0
>
> This is from /usr/lib/cups/backend/hpfax, a Python program that is part
> of hplip. It is quite normal for it to want to read files in /etc/hp,
> so the policy needs to be updated to allow this syscall through.
>
> allow cupsd_config_t hplip_etc_t:dir search;
>
> (not sure if there is a macro that needs to be used for that..)
>
> Tim.
> */
>
*/
I am removing this type altogether so it will go back to etc_t which all
cups domains can read
Fixed in selinux-policy-3.0.8-2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFG7/krrlYvE4MpobMRAqcQAJ0WZZ/Mlq+u2/pYlVt6Qaruo2SrAQCg5LbD
R2iTZkFclWNgAX+nOs1TYRw=
=0rJ3
-----END PGP SIGNATURE-----
More information about the fedora-test-list
mailing list