Description of problem: I was just trying to print a document... Nothing special here, the problem occurred repeatedly over the last days. SELinux is preventing hpfax from 'open' accesses on the chr_file /dev/bus/usb/001/038. ***** Plugin restorecon (90.5 confidence) suggests ************************ If you want to fix the label. /dev/bus/usb/001/038 default label should be usb_device_t. Then you can run restorecon. Do # /sbin/restorecon -v /dev/bus/usb/001/038 ***** Plugin device (9.50 confidence) suggests **************************** If you want to allow hpfax to have open access on the 038 chr_file Then you need to change the label on /dev/bus/usb/001/038 to a type of a similar device. Do # semanage fcontext -a -t SIMILAR_TYPE '/dev/bus/usb/001/038' # restorecon -v '/dev/bus/usb/001/038' ***** Plugin catchall (1.40 confidence) suggests ************************** If you believe that hpfax should be allowed open access on the 038 chr_file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep hpfax /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:cupsd_t:s0-s0:c0.c1023 Target Context system_u:object_r:device_t:s0 Target Objects /dev/bus/usb/001/038 [ chr_file ] Source hpfax Source Path hpfax Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-128.18.fc22.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.2.5-201.fc22.x86_64 #1 SMP Wed Oct 28 20:00:23 UTC 2015 x86_64 x86_64 Alert Count 3 First Seen 2015-11-05 23:23:22 CET Last Seen 2015-11-08 04:16:50 CET Local ID fd6fd7ce-b851-4243-9943-63ab89494a60 Raw Audit Messages type=AVC msg=audit(1446952610.107:662): avc: denied { open } for pid=8720 comm="hpfax" path="/dev/bus/usb/001/038" dev="devtmpfs" ino=211991 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:device_t:s0 tclass=chr_file permissive=0 Hash: hpfax,cupsd_t,device_t,chr_file,open Version-Release number of selected component: selinux-policy-3.13.1-128.18.fc22.noarch Additional info: reporter: libreport-2.6.3 hashmarkername: setroubleshoot kernel: 4.2.5-201.fc22.x86_64 type: libreport
Are you able to reproduce it? If so, could please check labeling of usb device for which you get AVC? ls -Z /dev/bus/usb/001/<dev_number>
Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days