Description of problem: On boot up, or on 'service hplip start', hplip generates AVCs. Appears to be trying to create /.hplip.conf Attached are the AVCs when running in permissive mode. Version-Release number of selected component (if applicable): hplip-1.7.4a-1.fc8 How reproducible: Every time Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Created attachment 157005 [details] AVCs from 'service hplip start' in permissive mode
Why is this program creating a file in the /root directory?
This is another instance of bug #241776. Investigating.
Should be fixed in 1.7.4a-2.fc8.
I'm continuing to see this with hplip-1.7.4a-2.fc8 type=AVC msg=audit(1182958803.610:11): avc: denied { getattr } for pid=2983 comm="python" name=".hplip.conf" dev=dm-0 ino=98414 scontext=system_u:system_r:hplip_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=file type=SYSCALL msg=audit(1182958803.610:11): arch=40000003 syscall=195 success=no exit=-13 a0=8256708 a1=bfab6bf8 a2=4604aff4 a3=81a51b8 items=0 ppid=2982 pid=2983 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="python" exe="/usr/bin/python" subj=system_u:system_r:hplip_t:s0 key=(null) type=AVC_PATH msg=audit(1182958803.610:11): path="/.hplip.conf" type=AVC msg=audit(1182958803.610:12): avc: denied { write } for pid=2983 comm="python" name=".hplip.conf" dev=dm-0 ino=98414 scontext=system_u:system_r:hplip_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=file type=SYSCALL msg=audit(1182958803.610:12): arch=40000003 syscall=5 success=no exit=-13 a0=8256708 a1=8241 a2=1b6 a3=82bb430 items=0 ppid=2982 pid=2983 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="python" exe="/usr/bin/python" subj=system_u:system_r:hplip_t:s0 key=(null) type=AVC msg=audit(1182958803.610:13): avc: denied { getattr } for pid=2983 comm="python" name=".hplip.conf" dev=dm-0 ino=98414 scontext=system_u:system_r:hplip_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=file type=SYSCALL msg=audit(1182958803.610:13): arch=40000003 syscall=195 success=no exit=-13 a0=8256c40 a1=bfab6818 a2=4604aff4 a3=81a51b8 items=0 ppid=2982 pid=2983 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="python" exe="/usr/bin/python" subj=system_u:system_r:hplip_t:s0 key=(null) type=AVC_PATH msg=audit(1182958803.610:13): path="/.hplip.conf"
Tom: how are you getting those? What triggers them? Are you interacting with CUPS in some way, or directly using some hplip tool?
I have also seen them time->Tue Jun 26 16:07:21 2007 type=PATH msg=audit(1182888441.258:11): item=0 name="/.hplip.conf" inode=2 dev=fd:00 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:root_t:s0 type=CWD msg=audit(1182888441.258:11): cwd="/usr/share/hplip" type=SYSCALL msg=audit(1182888441.258:11): arch=40000003 syscall=5 success=no exit=-13 a0=97d7f38 a1=8241 a2=1b6 a3=988bac0 items=1 ppid=2620 pid=2621 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="python" exe="/usr/bin/python" subj=system_u:system_r:hplip_t:s0 key=(null) type=AVC msg=audit(1182888441.258:11): avc: denied { write } for pid=2621 comm="python" name="/" dev=dm-0 ino=2 scontext=system_u:system_r:hplip_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir rpm -q hplip hplip-1.7.4a-2.fc8 I just have it installed and I think it happens on a reboot. Restart is not generating them. Thie is rawhide.
I can't reproduce that. I have rawhide here, with hplip-1.7.4a-2.fc8, and I don't get those audit messages on boot.
I get them on boot and whenever I do 'service hplip stop; service hplip start'. I get no AVC with 'service hplip stop'; just with 'start'. Also running Rawhide. type=AVC msg=audit(1183037989.902:39): avc: denied { getattr } for pid=4069 comm="python" name=".hplip.conf" dev=dm-0 ino=9043994 scontext=system_u:system_r:hplip_t:s0 tcontext=root:object_r:sysadm_home_t:s0 tclass=file type=SYSCALL msg=audit(1183037989.902:39): arch=40000003 syscall=195 success=yes exit=0 a0=9d94c20 a1=bfb42138 a2=4604aff4 a3=9ce81b8 items=0 ppid=4068 pid=4069 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 comm="python" exe="/usr/bin/python" subj=system_u:system_r:hplip_t:s0 key=(null) type=AVC_PATH msg=audit(1183037989.902:39): path="/root/.hplip.conf" type=AVC msg=audit(1183037989.902:40): avc: denied { read } for pid=4069 comm="python" name=".hplip.conf" dev=dm-0 ino=9043994 scontext=system_u:system_r:hplip_t:s0 tcontext=root:object_r:sysadm_home_t:s0 tclass=file type=SYSCALL msg=audit(1183037989.902:40): arch=40000003 syscall=5 success=yes exit=4 a0=9da8f98 a1=8000 a2=1b6 a3=9dffbc0 items=0 ppid=4068 pid=4069 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 comm="python" exe="/usr/bin/python" subj=system_u:system_r:hplip_t:s0 key=(null)
I still can't reproduce this here. Please try hplip-1.7.4a-3.fc8.
I downloaded from koji and installed. 'service hplip start' no longer produces AVCs. I'll test on boot up later.
hplip-1.7.4a-3.fc7 has been pushed to the Fedora 7 testing repository. If problems still persist, please make note of it in this bug report.
hplip-1.7.4a-4.fc7 has been pushed to the Fedora 7 testing repository. If problems still persist, please make note of it in this bug report.
hplip-1.7.4a-4.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.