Bug 800786
| Summary: | adding new printer causes avc denial | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Petr Sklenar <psklenar> |
| Component: | cups | Assignee: | Tim Waugh <twaugh> |
| Status: | CLOSED NOTABUG | QA Contact: | qe-baseos-daemons |
| Severity: | unspecified | Docs Contact: | |
| Priority: | high | ||
| Version: | 7.0 | ||
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-03-07 09:30:20 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Description of problem: adding new printer causes avc denial Version-Release number of selected component (if applicable): cups-1.5.0-21.el7.x86_64 selinux-policy-3.10.0-56.el7.noarch How reproducible: deterministic Steps to Reproduce: add new printer: 1, lpadmin -p $TPRN -E -v /dev/null Actual results: type=AVC msg=audit(1331110969.363:576): avc: denied { open } for pid=26391 comm="cupsd" name="ld.so.cache" dev=dm-1 ino=132246 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file type=AVC msg=audit(1331110969.520:578): avc: denied { open } for pid=26417 comm="dbus-daemon-lau" name="ld.so.cache" dev=dm-1 ino=132246 scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file type=AVC msg=audit(1331110969.533:579): avc: denied { read } for pid=26417 comm="colord" name="ld.so.cache" dev=dm-1 ino=132246 scontext=system_u:system_r:colord_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file type=AVC msg=audit(1331110969.533:579): avc: denied { open } for pid=26417 comm="colord" name="ld.so.cache" dev=dm-1 ino=132246 scontext=system_u:system_r:colord_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file type=AVC msg=audit(1331110969.538:580): avc: denied { getattr } for pid=26417 comm="colord" path="/etc/ld.so.cache" dev=dm-1 ino=132246 scontext=system_u:system_r:colord_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file type=AVC msg=audit(1331110969.634:581): avc: denied { read } for pid=26417 comm="colord" name="etc" dev=dm-1 ino=131073 scontext=system_u:system_r:colord_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=dir # find / -inum 132246 /etc/ld.so.cache # ls -la /etc/ld.so.cache -rw-r--r--. 1 root root 46416 Mar 7 04:02 /etc/ld.so.cache # rpm -qf /etc/ld.so.cache glibc-2.15-24.el7.x86_64 # find / -inum 131073 /etc Expected results: no avc denial Additional info: