Description of problem: I am unable to print (regular user) to my HP LaserJet 2100 due to the following error message: SELinux is preventing /sbin/modprobe (insmod_t) "sys_nice" to <Unknown> (insmod_t) Version-Release number of selected component (if applicable): Fedora7 SELINUX=enforcing SELINUXTYPE=targeted selinux-policy-2.6.4-61.fc7 How reproducible: Set SELinux to Enforcing and targeted, try to print using the printer drivers part of the yum repos downloaded with Fedora 7. SELinux Troubleshoot browser appears and it will deny any attempts to print. Steps to Reproduce: 1. SELinux = Enabled 2. Targeted 3. Unable to print, access denied. Actual results: Raw Audit Messages avc: denied { sys_nice } for comm="modprobe" egid=0 euid=0 exe="/sbin/modprobe" exit=0 fsgid=0 fsuid=0 gid=0 items=0 pid=5825 scontext=system_u:system_r:insmod_t:s0 sgid=0 subj=system_u:system_r:insmod_t:s0 suid=0 tclass=capability tcontext=system_u:system_r:insmod_t:s0 tty=(none) uid=0 Expected results: Should be able to print, I want to leave SELinux enabled and targeted on my systems or if a Boolean value can be given as a work around maybe? Additional info: Please contact me at grifs71 if you need any further information. Thanks, Scott Griffin
Created attachment 289836 [details] I have attached the SELinux Troubleshoot message.
I had seen another error like this one, however I have the latest SELinux-Policy installed. I have to set SELinux to permissive to print, and I do not want to lower my security setting. Any help would be appreciated. Thanks Scott Griffin
This is strange since this has been allowed for quite a while. Could you reinstall selinux-policy-2.6.4-61 and make sure you get no errors. What does the output of # sesearch --allow | grep insmod | grep sys_nice show? (setools package)
I do not have a command 'sesearch' I get an error or do I need to install a package? Thanks, Scott
yum install setools
I am sorry for the delay I have installed the setools and will be investigating. Scott Griffin