Bug 244205 - hplip generates AVC's for root, etc. on startup
hplip generates AVC's for root, etc. on startup
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: hplip (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: Tim Waugh
: Reopened
Depends On:
Blocks: F8Blocker
  Show dependency treegraph
 
Reported: 2007-06-14 10:30 EDT by Tom London
Modified: 2007-11-30 17:12 EST (History)
1 user (show)

See Also:
Fixed In Version: 1.7.4a-4.fc7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-07-11 11:20:52 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
AVCs from 'service hplip start' in permissive mode (2.52 KB, text/plain)
2007-06-14 10:30 EDT, Tom London
no flags Details

  None (edit)
Description Tom London 2007-06-14 10:30:07 EDT
Description of problem:
On boot up, or on 'service hplip start', hplip generates AVCs.

Appears to be trying to create /.hplip.conf 

Attached are the AVCs when running in permissive mode.


Version-Release number of selected component (if applicable):
hplip-1.7.4a-1.fc8

How reproducible:
Every time

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Tom London 2007-06-14 10:30:07 EDT
Created attachment 157005 [details]
AVCs from 'service hplip start' in permissive mode
Comment 2 Daniel Walsh 2007-06-14 10:33:23 EDT
Why is this program creating a file in the /root directory?
Comment 3 Tim Waugh 2007-06-14 10:37:59 EDT
This is another instance of bug #241776.  Investigating.
Comment 4 Tim Waugh 2007-06-14 11:21:55 EDT
Should be fixed in 1.7.4a-2.fc8.
Comment 5 Tom London 2007-06-27 19:50:30 EDT
I'm continuing to see this with hplip-1.7.4a-2.fc8

type=AVC msg=audit(1182958803.610:11): avc:  denied  { getattr } for  pid=2983
comm="python" name=".hplip.conf" dev=dm-0 ino=98414
scontext=system_u:system_r:hplip_t:s0 tcontext=system_u:object_r:root_t:s0
tclass=file
type=SYSCALL msg=audit(1182958803.610:11): arch=40000003 syscall=195 success=no
exit=-13 a0=8256708 a1=bfab6bf8 a2=4604aff4 a3=81a51b8 items=0 ppid=2982
pid=2983 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) comm="python" exe="/usr/bin/python" subj=system_u:system_r:hplip_t:s0
key=(null)
type=AVC_PATH msg=audit(1182958803.610:11):  path="/.hplip.conf"
type=AVC msg=audit(1182958803.610:12): avc:  denied  { write } for  pid=2983
comm="python" name=".hplip.conf" dev=dm-0 ino=98414
scontext=system_u:system_r:hplip_t:s0 tcontext=system_u:object_r:root_t:s0
tclass=file
type=SYSCALL msg=audit(1182958803.610:12): arch=40000003 syscall=5 success=no
exit=-13 a0=8256708 a1=8241 a2=1b6 a3=82bb430 items=0 ppid=2982 pid=2983
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) comm="python" exe="/usr/bin/python" subj=system_u:system_r:hplip_t:s0
key=(null)
type=AVC msg=audit(1182958803.610:13): avc:  denied  { getattr } for  pid=2983
comm="python" name=".hplip.conf" dev=dm-0 ino=98414
scontext=system_u:system_r:hplip_t:s0 tcontext=system_u:object_r:root_t:s0
tclass=file
type=SYSCALL msg=audit(1182958803.610:13): arch=40000003 syscall=195 success=no
exit=-13 a0=8256c40 a1=bfab6818 a2=4604aff4 a3=81a51b8 items=0 ppid=2982
pid=2983 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) comm="python" exe="/usr/bin/python" subj=system_u:system_r:hplip_t:s0
key=(null)
type=AVC_PATH msg=audit(1182958803.610:13):  path="/.hplip.conf"
Comment 6 Tim Waugh 2007-06-28 05:06:05 EDT
Tom: how are you getting those?  What triggers them?  Are you interacting with
CUPS in some way, or directly using some hplip tool?
Comment 7 Daniel Walsh 2007-06-28 07:08:18 EDT
I have also seen them

time->Tue Jun 26 16:07:21 2007
type=PATH msg=audit(1182888441.258:11): item=0 name="/.hplip.conf" inode=2
dev=fd:00 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:root_t:s0
type=CWD msg=audit(1182888441.258:11):  cwd="/usr/share/hplip"
type=SYSCALL msg=audit(1182888441.258:11): arch=40000003 syscall=5 success=no
exit=-13 a0=97d7f38 a1=8241 a2=1b6 a3=988bac0 items=1 ppid=2620 pid=2621
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) comm="python" exe="/usr/bin/python" subj=system_u:system_r:hplip_t:s0
key=(null)
type=AVC msg=audit(1182888441.258:11): avc:  denied  { write } for  pid=2621
comm="python" name="/" dev=dm-0 ino=2 scontext=system_u:system_r:hplip_t:s0
tcontext=system_u:object_r:root_t:s0 tclass=dir

rpm -q hplip
hplip-1.7.4a-2.fc8

I just have it installed and I think it happens on a reboot.  Restart is not
generating them.

Thie is rawhide.
Comment 8 Tim Waugh 2007-06-28 08:40:18 EDT
I can't reproduce that.  I have rawhide here, with hplip-1.7.4a-2.fc8, and I
don't get those audit messages on boot.
Comment 9 Tom London 2007-06-28 09:41:47 EDT
I get them on boot and whenever I do 'service hplip stop; service hplip start'.

I get no AVC with 'service hplip stop'; just with 'start'.  Also running Rawhide.

type=AVC msg=audit(1183037989.902:39): avc:  denied  { getattr } for  pid=4069
comm="python" name=".hplip.conf" dev=dm-0 ino=9043994
scontext=system_u:system_r:hplip_t:s0 tcontext=root:object_r:sysadm_home_t:s0
tclass=file
type=SYSCALL msg=audit(1183037989.902:39): arch=40000003 syscall=195 success=yes
exit=0 a0=9d94c20 a1=bfb42138 a2=4604aff4 a3=9ce81b8 items=0 ppid=4068 pid=4069
auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1
comm="python" exe="/usr/bin/python" subj=system_u:system_r:hplip_t:s0 key=(null)
type=AVC_PATH msg=audit(1183037989.902:39):  path="/root/.hplip.conf"
type=AVC msg=audit(1183037989.902:40): avc:  denied  { read } for  pid=4069
comm="python" name=".hplip.conf" dev=dm-0 ino=9043994
scontext=system_u:system_r:hplip_t:s0 tcontext=root:object_r:sysadm_home_t:s0
tclass=file
type=SYSCALL msg=audit(1183037989.902:40): arch=40000003 syscall=5 success=yes
exit=4 a0=9da8f98 a1=8000 a2=1b6 a3=9dffbc0 items=0 ppid=4068 pid=4069 auid=500
uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 comm="python"
exe="/usr/bin/python" subj=system_u:system_r:hplip_t:s0 key=(null)
Comment 10 Tim Waugh 2007-06-28 11:35:50 EDT
I still can't reproduce this here.  Please try hplip-1.7.4a-3.fc8.
Comment 11 Tom London 2007-06-28 12:03:50 EDT
I downloaded from koji and installed.

'service hplip start' no longer produces AVCs.

I'll test on boot up later.
Comment 12 Fedora Update System 2007-06-29 10:02:37 EDT
hplip-1.7.4a-3.fc7 has been pushed to the Fedora 7 testing repository.  If problems still persist, please make note of it in this bug report.
Comment 13 Fedora Update System 2007-07-09 11:48:43 EDT
hplip-1.7.4a-4.fc7 has been pushed to the Fedora 7 testing repository.  If problems still persist, please make note of it in this bug report.
Comment 14 Fedora Update System 2007-07-11 11:20:41 EDT
hplip-1.7.4a-4.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.