Description of problem: While creating a printer (Windows shared printer) cups triggers SETroubleshoot with default_t avc: denied { search } for comm="python" dev=dm-0 egid=7 euid=0 exe="/usr/bin/python" exit=-13 fsgid=7 fsuid=0 gid=7 items=0 name="root" pid=3255 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 sgid=7 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 suid=0 tclass=dir tcontext=system_u:object_r:default_t:s0 tty=(none) uid=0 Also there are some denials for rhgb during first boot - along with bluetooth and smartd. Attached file from messages. Version-Release number of selected component (if applicable): selinux-policy-2.6.4-8.fc7 How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Created attachment 155506 [details] audit messages-file
This looks like a problem with anaconda/install not labeling /root correctly.
*** Bug 241613 has been marked as a duplicate of this bug. ***
As discussed in the office - looks like genhomedircon needs to write out policy for users if it can't tell if selinux is enabled or not (line 266, in getHomeDirContext).
Fixed in policycoreutils-2.0.19-2.fc8 policycoreutils-2.0.16-4.fc7 Also selinux-policy-2.6.4-12.fc7 will trigger relabel of /root.
selinux-policy-2.6.4-12.fc7 - This or tageted pakage got /temp/tmprpm segfault at line 14 no jodcontrol FG This has happened several times on the selinux package. Policycoreutils is not available Finally, all of these are in updates-testing and most would never know they exit. I didn't know until you said here because I usually look in the rep structure of a mirror but none I can get to have an updates testing for fc7 or it is empty. I know it is early in the release but but can these ealy updates be tested on the fedora side and released earlier. Beciase something is causing erros in f7 and it needs to be found. My user space bombs off fairly oftem back to the log on screen. Fx is the key program and so what ever it is using is not right. Also, did you get all those cups errors for /tmp/smbspool fixed? It is on another bug. That's been going on since fc6 and blocks smb windows shred printed. The cups guy says it selinux and cifs but I say it Fedora. Darwin
Fixed will be in selinux-policy-2.6.4-13 What is the bugzilla number of the smbspool problem?
The smbspool bug # is 199631 thank you, Darwin