SELinux is preventing the /usr/sbin/cupsd from using potentially mislabeled files (). SELinux has denied /usr/sbin/cupsd access to potentially mislabeled file(s) (). This means that SELinux will not allow /usr/sbin/cupsd to use these files. It is common for users to edit files in their home directory or tmp directories and then move (mv) them to system directories. The problem is that the files end up with the wrong file context which confined applications are not allowed to access. f you want /usr/sbin/cupsd to access this files, you need to relabel them using restorecon -v . You might want to relabel the entire directory using restorecon -R -v . "restorecon -v ."? What directory?? !!
Please attach the AVC messages. /var/log/audit/audit.log
Created attachment 293421 [details] audit.log
You have cups trying to look at the file /home/rick/prn? Is this a local customization. If you want to allow this you can use audit2allow to add it. Cups does not usually read users homedirectories.
# cat /var/log/audit/audit.log | audit2allow -M local ******************** IMPORTANT *********************** To make this policy package active, execute: semodule -i local.pp # semodule -i local.pp libsepol.check_assertion_helper: neverallow violated by allow nfsd_t fixed_disk_device_t:blk_file { read }; Cannot allocate memory. libsemanage.semanage_expand_sandbox: Expand module failed Cannot allocate memory. semodule: Failed!
Created attachment 293439 [details] local.te
Yes you are trying to load a policy that includes nfs being able to read/write raw disk. Try. # grep cups /var/log/audit/audit.log | audit2allow -M local Also update to the latest selinux policy.
THis is local customization so will not fix.