Description of problem: SELinux is preventing python (hplip_t) "read" security_t. Version-Release number of selected component (if applicable): latest stable How reproducible: Occurs every time I turn on my HP OfficeJet and again when I start up the Scanner Tool Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: This is the output of the setroubleshoot browser: Source Context: system_u:system_r:hplip_t:s0Target Context: system_u:object_r:security_t:s0Target Objects: mls [ file ]Source: pythonSource Path: /usr/bin/pythonPort: <Unknown>Host: localhost.localdomainSource RPM Packages: python-2.6-9.fc11Target RPM Packages: Policy RPM: selinux-policy-3.6.12-53.fc11Selinux Enabled: TruePolicy Type: targetedMLS Enabled: TrueEnforcing Mode: EnforcingPlugin Name: catchallHost Name: localhost.localdomainPlatform: Linux localhost.localdomain 2.6.29.5-191.fc11.x86_64 #1 SMP Tue Jun 16 23:23:21 EDT 2009 x86_64 x86_64Alert Count: 22First Seen: Thu 02 Jul 2009 05:54:33 PM ISTLast Seen: Sat 11 Jul 2009 04:09:39 PM ISTLocal ID: 2330e803-5d9a-4cf7-affb-364cffa48a3eLine Numbers: Raw Audit Messages :node=localhost.localdomain type=AVC msg=audit(1247308779.854:1720): avc: denied { read } for pid=9958 comm="python" name="mls" dev=selinuxfs ino=12 scontext=system_u:system_r:hplip_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=file node=localhost.localdomain type=SYSCALL msg=audit(1247308779.854:1720): arch=c000003e syscall=2 success=no exit=-813547560 a0=7fff527c2560 a1=0 a2=7fff527c256c a3=fffffff8 items=0 ppid=9952 pid=9958 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="python" exe="/usr/bin/python" subj=system_u:system_r:hplip_t:s0 key=(null)
Summary: SELinux is preventing python (hplip_t) "read" security_t. Detailed Description: SELinux denied access requested by python. It is not expected that this access is required by python and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context system_u:system_r:hplip_t:s0 Target Context system_u:object_r:security_t:s0 Target Objects mls [ file ] Source python Source Path /usr/bin/python Port <Unknown> Host localhost.localdomain Source RPM Packages python-2.6-9.fc11 Target RPM Packages Policy RPM selinux-policy-3.6.12-53.fc11 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.29.5-191.fc11.x86_64 #1 SMP Tue Jun 16 23:23:21 EDT 2009 x86_64 x86_64 Alert Count 46 First Seen Mon 29 Jun 2009 08:43:04 AM PDT Last Seen Sun 12 Jul 2009 04:15:12 PM PDT Local ID 107879bb-cd99-445f-8604-6837608dfbc4 Line Numbers Raw Audit Messages node=localhost.localdomain type=AVC msg=audit(1247440512.956:23): avc: denied { read } for pid=2404 comm="python" name="mls" dev=selinuxfs ino=12 scontext=system_u:system_r:hplip_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=file node=localhost.localdomain type=SYSCALL msg=audit(1247440512.956:23): arch=c000003e syscall=2 success=no exit=218685400 a0=7fffbf5f8270 a1=0 a2=7fffbf5f827c a3=fffffff8 items=0 ppid=2398 pid=2404 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="python" exe="/usr/bin/python" subj=system_u:system_r:hplip_t:s0 key=(null)
*** This bug has been marked as a duplicate of bug 507098 ***