Bug 208201
| Summary: | avc denied messages with updates-testing cups and kernel | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Orion Poplawski <orion> |
| Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
| Status: | CLOSED NEXTRELEASE | QA Contact: | Ben Levenson <benl> |
| Severity: | low | Docs Contact: | |
| Priority: | medium | ||
| Version: | 5 | CC: | dwalsh |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2007-02-14 15:17:01 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
All of these bugs should be fixed in FC6, You could attempt to use the FC6 policy on FC5 or upgrade. Or you could use audit2allow -M mypolicy -i /var/log/audit/audit.log and build local customized policy |
Description of problem: Get the following after install of: Sep 25 05:52:02 Updated: cups-libs.i386 1:1.2.4-1.1 Sep 25 05:52:40 Updated: cups.i386 1:1.2.4-1.1 Sep 25 15:58:34 cynosure kernel: audit(1159221514.725:334): avc: denied { read } for pid=14313 comm="printconf-backe" name=".fonts.cache-2" dev=hda5 ino=1276563 scontext=user_u:system_r:cupsd_config_t:s0 tcontext=user_u:object_r:user_home_t:s0 tclass=file Sep 25 16:03:56 cynosure kernel: audit(1159221836.077:335): avc: denied { read } for pid=14515 comm="printconf-backe" name=".fonts.cache-2" dev=hda5 ino=1276800 scontext=user_u:system_r:cupsd_config_t:s0 tcontext=user_u:object_r:user_home_t:s0 tclass=file Sep 26 04:57:36 Installed: kernel.i686 2.6.18-1.2189.fc5 Sep 26 04:57:28 cynosure kernel: audit(1159268248.684:336): avc: denied { write } for pid=5606 comm="depmod" name="[60604396]" dev=pipefs ino=60604396 scontext=user_u:system_r:depmod_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file Sep 26 04:57:28 cynosure kernel: audit(1159268248.684:337): avc: denied { write } for pid=5606 comm="depmod" name="[60604396]" dev=pipefs ino=60604396 scontext=user_u:system_r:depmod_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file Version-Release number of selected component (if applicable): selinux-policy-2.3.7-2.fc5