Summary: SELinux is preventing /usr/local/bin/cnijnetprn from binding to port 8611. Detailed Description: SELinux has denied the cnijnetprn from binding to a network port 8611 which does not have an SELinux type associated with it. If cnijnetprn should be allowed to listen on 8611, use the semanage command to assign 8611 to a port type that cupsd_t can bind to (howl_port_t, ipp_port_t). If cnijnetprn is not supposed to bind to 8611, this could signal an intrusion attempt. Allowing Access: If you want to allow cnijnetprn to bind to port 8611, you can execute # semanage port -a -t PORT_TYPE -p udp 8611 where PORT_TYPE is one of the following: howl_port_t, ipp_port_t. If this system is running as an NIS Client, turning on the allow_ypbind boolean may fix the problem. setsebool -P allow_ypbind=1. Additional Information: Source Context system_u:system_r:cupsd_t:s0-s0:c0.c1023 Target Context system_u:object_r:port_t:s0 Target Objects None [ udp_socket ] Source cnijnetprn Source Path /usr/local/bin/cnijnetprn Port 8611 Host (removed) Source RPM Packages cnijfilter-common-3.20-1 Target RPM Packages Policy RPM selinux-policy-3.6.32-41.fc12 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name bind_ports Host Name (removed) Platform Linux (removed) 2.6.31.5-127.fc12.i686.PAE #1 SMP Sat Nov 7 21:25:57 EST 2009 i686 i686 Alert Count 1 First Seen Fri 04 Jun 2010 08:12:06 PM PHT Last Seen Fri 04 Jun 2010 08:12:06 PM PHT Local ID 0e9e70b4-738c-4ac1-9dcd-e84c62bcb7fe Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1275653526.867:22): avc: denied { name_bind } for pid=2069 comm="cnijnetprn" src=8611 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=udp_socket node=(removed) type=SYSCALL msg=audit(1275653526.867:22): arch=40000003 syscall=102 success=no exit=-13 a0=2 a1=bfe2b030 a2=f40114 a3=1 items=0 ppid=2068 pid=2069 auid=4294967295 uid=4 gid=7 euid=4 suid=4 fsuid=4 egid=7 sgid=7 fsgid=7 tty=(none) ses=4294967295 comm="cnijnetprn" exe="/usr/local/bin/cnijnetprn" subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 key=(null) Hash String generated from selinux-policy-3.6.32-41.fc12,bind_ports,cnijnetprn,cupsd_t,port_t,udp_socket,name_bind audit2allow suggests: #============= cupsd_t ============== allow cupsd_t port_t:udp_socket name_bind;
i got that bug when im trying to install the printer canon pixma mp258. however after i installed the package for fedora 11 that i got from the canon website, i reboot the system then the printer is now working. I was able to print a test page. I'm not sure what is this bug
yum -y update Get the latest policy and reopen if this happens again.