Bug 164880
| Summary: | Problem with hplip when printer is connected through the network | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Vaclav "sHINOBI" Misek <misek> |
| Component: | selinux-policy-targeted | Assignee: | Daniel Walsh <dwalsh> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 4 | CC: | walt |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | 1.25.3-12 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2005-08-26 06:36:56 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Can you do a setenforce 0 and then run a print job. and gather all of the avc messages. Dan OK, messages follows:
type=AVC msg=audit(1123072345.692:14384534): avc: denied { ioctl } for
pid=5021 comm="python" name="4" dev=devpts ino=6 scontext=root:system_r:hplip_t
tcontext=root:object_r:devpts_t tclass=chr_file
type=SYSCALL msg=audit(1123072345.692:14384534): arch=c000003e syscall=16
success=yes exit=0 a0=0 a1=5401 a2=7fffffd7db30 a3=0 items=0 pid=5021
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="python" exe="/usr/bin/python"
type=AVC_PATH msg=audit(1123072345.692:14384534): path="/dev/pts/4"
type=AVC msg=audit(1123072345.694:14384550): avc: denied { getattr } for
pid=5021 comm="python" name="4" dev=devpts ino=6 scontext=root:system_r:hplip_t
tcontext=root:object_r:devpts_t tclass=chr_file
type=SYSCALL msg=audit(1123072345.694:14384550): arch=c000003e syscall=5
success=yes exit=0 a0=0 a1=7fffffd7da70 a2=7fffffd7da70 a3=2aaaaaae80b4 items=0
pid=5021 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="python" exe="/usr/bin/python"
type=AVC_PATH msg=audit(1123072345.694:14384550): path="/dev/pts/4"
type=AVC msg=audit(1123072345.923:14386899): avc: denied { write } for
pid=5021 comm="python" name="base" dev=dm-0 ino=26820640
scontext=root:system_r:hplip_t tcontext=system_u:object_r:usr_t tclass=dir
type=AVC msg=audit(1123072345.923:14386899): avc: denied { remove_name } for
pid=5021 comm="python" name="__init__.pyc" dev=dm-0 ino=26820609
scontext=root:system_r:hplip_t tcontext=system_u:object_r:usr_t tclass=dir
type=AVC msg=audit(1123072345.923:14386899): avc: denied { unlink } for
pid=5021 comm="python" name="__init__.pyc" dev=dm-0 ino=26820609
scontext=root:system_r:hplip_t tcontext=root:object_r:usr_t tclass=file
type=SYSCALL msg=audit(1123072345.923:14386899): arch=c000003e syscall=87
success=yes exit=0 a0=7fffffd7c640 a1=0 a2=1 a3=2aaaaab4aaa8 items=1 pid=5021
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="python" exe="/usr/bin/python"
type=CWD msg=audit(1123072345.923:14386899): cwd="/usr/share/hplip"
type=PATH msg=audit(1123072345.923:14386899): item=0
name="/usr/share/hplip/base/__init__.pyc" flags=10 inode=26820640 dev=fd:00
mode=040755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1123072345.924:14386900): avc: denied { add_name } for
pid=5021 comm="python" name="__init__.pyc" scontext=root:system_r:hplip_t
tcontext=system_u:object_r:usr_t tclass=dir
type=AVC msg=audit(1123072345.924:14386900): avc: denied { create } for
pid=5021 comm="python" name="__init__.pyc" scontext=root:system_r:hplip_t
tcontext=root:object_r:usr_t tclass=file
type=SYSCALL msg=audit(1123072345.924:14386900): arch=c000003e syscall=2
success=yes exit=4 a0=7fffffd7c640 a1=2c1 a2=1b6 a3=2aaaaab4aaa8 items=1
pid=5021 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="python" exe="/usr/bin/python"
type=CWD msg=audit(1123072345.924:14386900): cwd="/usr/share/hplip"
type=PATH msg=audit(1123072345.924:14386900): item=0
name="/usr/share/hplip/base/__init__.pyc" flags=310 inode=26820640 dev=fd:00
mode=040755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1123072345.924:14386905): avc: denied { write } for
pid=5021 comm="python" name="__init__.pyc" dev=dm-0 ino=26820609
scontext=root:system_r:hplip_t tcontext=root:object_r:usr_t tclass=file
type=SYSCALL msg=audit(1123072345.924:14386905): arch=c000003e syscall=1
success=yes exit=113 a0=4 a1=2aaaae806000 a2=71 a3=ffffffff items=0 pid=5021
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="python" exe="/usr/bin/python"
type=AVC_PATH msg=audit(1123072345.924:14386905):
path="/usr/share/hplip/base/__init__.pyc"
Fixed in selinux-policy-targeted-1.25.3-12 Thanks for the bug report. This particular bug was fixed and a update package was published for download. Please feel free to report any further bugs you find. |
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.10) Gecko/20050720 Fedora/1.0.6-1.1.fc4 Firefox/1.0.6 Description of problem: HPLIP toolbox shows that the printer is offline or unavailable. I noticed there is an error in audit log. After running "setsebool hplip_disable_trans=1" it starts to work. Version-Release number of selected component (if applicable): selinux-policy-targeted-1.25.3-6 How reproducible: Always Steps to Reproduce: 1. install network printer using hplip 2. start hp-toolbox 3. Actual Results: type=SYSCALL msg=audit(1122972552.068:15897082): arch=c000003e syscall=41 success=no exit=-13 a0=2 a1=3 a2=1 a3=7fffffdba0c0 items=0 pid=2143 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="python" exe="/usr/bin/python" type=AVC msg=audit(1122972552.269:15897408): avc: denied { create } for pid=2143 comm="python" scontext=system_u:system_r:hplip_t tcontext=system_u:system_r:hplip_t tclass=rawip_socket Additional info: