Description of problem: System is updated with yum-cron. After cups update, I got: type=AVC msg=audit(1288716983.014:438796): avc: denied { connectto } for pid=25455 comm="smbd" path="/var/run/cups/cups.sock" scontext=root:system_r:smbd_t:s0 tcontext=user_u:system_r:rpm_script_t:s0 tclass=unix_stream_socket Tried restarting cups from ssh connection, now I get: type=AVC msg=audit(1288717673.561:439250): avc: denied { connectto } for pid=14483 comm="smbd" path="/var/run/cups/cups.sock" scontext=root:system_r:smbd_t:s0 tcontext=root:system_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket srwxrwxrwx root root root:object_r:cupsd_var_run_t /var/run/cups/cups.sock root:system_r:unconfined_t:SystemLow-SystemHigh root 17768 1 0 10:56 ? 00:00:01 cupsd How do I get cupsd to run confined? Version-Release number of selected component (if applicable): selinux-policy-2.4.6-279.el5_5.1
Some how you ended up running cups as rpm_script_t Try service cups restart And it should run with the proper context. ps -eZ |grep cups
I did restart cups, now it is "unconfined_t" as noted above.
Then your initrc scripts are mislabeled. restorecon -R -v /etc/rc.d
Damn, I should have remembered that. That did the trick. Thanks.