Bug 118384

Summary: printing from mozilla fails with enforcing on
Product: [Fedora] Fedora Reporter: Warren Lewis <warren98103>
Component: policyAssignee: Daniel Walsh <dwalsh>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: pgraner
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-04-11 23:11:07 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 114961    
Attachments:
Description Flags
new set of avc errors as of policy-1.9-6 printing from mozilla
none
Printing happens to wrong printer, avc errors. none

Description Warren Lewis 2004-03-16 06:12:02 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040217

Description of problem:
with Selinux in enforcing mode printing from mozilla fails with avc
messages. 

Mar 15 22:10:27 localhost kernel: audit(1079417427.200:0): avc: 
denied  { search } for  pid=32088 exe=/usr/bin/lpr.cups name=cups
dev=hda7 ino=459690 scontext=root:staff_r:staff_mozilla_t
tcontext=system_u:object_r:cupsd_etc_t tclass=dir
Mar 15 22:10:27 localhost kernel: audit(1079417427.250:0): avc: 
denied  { search } for  pid=32088 exe=/usr/bin/lpr.cups name=cups
dev=hda7 ino=459690 scontext=root:staff_r:staff_mozilla_t
tcontext=system_u:object_r:cupsd_etc_t tclass=dir
Mar 15 22:10:27 localhost kernel: audit(1079417427.266:0): avc: 
denied  { search } for  pid=32088 exe=/usr/bin/lpr.cups name=cups
dev=hda7 ino=459690 scontext=root:staff_r:staff_mozilla_t
tcontext=system_u:object_r:cupsd_etc_t tclass=dir
Mar 15 22:10:27 localhost kernel: audit(1079417427.268:0): avc: 
denied  { search } for  pid=32088 exe=/usr/bin/lpr.cups name=spool
dev=hda7 ino=344101 scontext=root:staff_r:staff_mozilla_t
tcontext=system_u:object_r:var_spool_t tclass=dir


Version-Release number of selected component (if applicable):
policy-1.8-10 mozilla-1.6-1 cups-1.1.20-5.1

How reproducible:
Always

Steps to Reproduce:
1. boot with enforcing=1
2. click mozilla icon on task bar
3. click mozilla print button.
    

Actual Results:  printing doesn't work.  generates avc messages.

Expected Results:  printing works.

Additional info:

Comment 1 Warren Lewis 2004-03-16 06:40:07 UTC
Changed platform to i386 as this is what I am using.  I suspect this
would occur on all platforms, but I don't know that for sure.

Comment 2 Daniel Walsh 2004-03-18 04:53:17 UTC
Fixed in policy-1.9-1

Comment 3 Warren Lewis 2004-03-22 20:56:37 UTC
Created attachment 98756 [details]
new set of avc errors as of policy-1.9-6 printing from mozilla

Comment 4 Warren Lewis 2004-03-22 20:58:08 UTC
As of policy-1.9-6 there are still problems, the errors are different
though.  See attachment for the new errors.

Comment 5 Daniel Walsh 2004-03-25 05:35:36 UTC
Fixed in policy-1.9-15


Comment 6 Warren Lewis 2004-04-02 04:11:45 UTC
Created attachment 99062 [details]
Printing happens to wrong printer, avc errors.

Printing happens now, but it goes to the wrong printer.  It looks like it can't
read the default printer setting.  avc errors attached.

Comment 7 Daniel Walsh 2004-04-02 13:52:51 UTC
Added fix for your avc messages in policy 1.9.2-6

Comment 8 Warren Lewis 2004-04-11 23:08:35 UTC
Printing seems to work fine now, thanks Daniel!