Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 170444 - "avc: denied" messages in audit.log for comm="printconf-tui", name="printconf.pickle"
"avc: denied" messages in audit.log for comm="printconf-tui", name="printcon...
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Russell Coker
Depends On:
  Show dependency treegraph
Reported: 2005-10-11 15:37 EDT by Ozgur M. Homurlu
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version: 1.27.1-2.6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-03-21 22:23:22 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Ozgur M. Homurlu 2005-10-11 15:37:36 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922

Description of problem:
I keep getting on this avc: denied messages like this one in my audit.log (possibly just after reboot):
type=AVC msg=audit(1129034152.848:120): avc:  denied  { read } for  pid=3951 comm="printconf-tui" name="printconf.pickle" dev=dm-0 ino=1738270 scontext=system_u:system_r:cupsd_config_t tcontext=root:object_r:var_t tclass=file

Selinux is set to enforcing and targeted policy mode.
I have configured my printer with http://localhost:631 interface.

"find /var -inum 1738270" returned:

Version-Release number of selected component (if applicable):

How reproducible:
Didn't try

Steps to Reproduce:

Additional info:

Applying "restorecon -R -v /var/cache/foomatic" returned:
restorecon reset /var/cache/foomatic/printconf.pickle context root:object_r:var_t->system_u:object_r:cupsd_rw_etc_t
Comment 1 Daniel Walsh 2005-10-17 14:14:45 EDT
Fixed in selinux-policy-*-1.27.1-2.6

Note You need to log in before you can comment on or make changes to this bug.