Summary: SELinux is preventing /bin/bash "getattr" access on /usr/lib/httpd. Detailed Description: SELinux denied access requested by Samsung-ML-1660. It is not expected that this access is required by Samsung-ML-1660 and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context system_u:system_r:cupsd_t:s0-s0:c0.c1023 Target Context system_u:object_r:httpd_modules_t:s0 Target Objects /usr/lib/httpd [ dir ] Source Samsung-ML-1660 Source Path /bin/bash Port <Unknown> Host (removed) Source RPM Packages bash-4.1.7-3.fc14 Target RPM Packages httpd-2.2.17-1.fc14 Policy RPM selinux-policy-3.9.7-14.fc14 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.35.9-64.fc14.i686.PAE #1 SMP Fri Dec 3 12:28:00 UTC 2010 i686 i686 Alert Count 1 First Seen Wed 08 Dec 2010 16:51:57 GMT Last Seen Wed 08 Dec 2010 16:51:57 GMT Local ID 3e91515a-55c3-498e-8d7c-37f3d5f6ed89 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1291827117.374:40): avc: denied { getattr } for pid=2810 comm="Samsung-ML-1660" path="/usr/lib/httpd" dev=dm-0 ino=1710680 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:httpd_modules_t:s0 tclass=dir node=(removed) type=SYSCALL msg=audit(1291827117.374:40): arch=40000003 syscall=195 success=no exit=-13 a0=8cac5c8 a1=bfc46370 a2=4b7ff4 a3=8ca2dd0 items=0 ppid=2798 pid=2810 auid=4294967295 uid=4 gid=7 euid=4 suid=4 fsuid=4 egid=7 sgid=7 fsgid=7 tty=(none) ses=4294967295 comm="Samsung-ML-1660" exe="/bin/bash" subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 key=(null) Hash String generated from catchall,Samsung-ML-1660,cupsd_t,httpd_modules_t,dir,getattr audit2allow suggests: #============= cupsd_t ============== allow cupsd_t httpd_modules_t:dir getattr;
Do you know what were you doing when this happened?
This looks like something the 3rd party Samsung driver is trying to do, perhaps in a CUPS backend or filter. It is not expected that CUPS backends or filters would do something like that.
Mark was trying to install Samsung Laser printer ML-1665. I think this won't happen again. Mark, if yes, please reopen the bug.
09/12/2010 11.35 GMT Just a thought - it may not have worked as it appears to have initially choked on SElinux. I have since deleted SELinux but the problem still remains. Printer USB connected and recognised by Fedora 14 with correct and recommended driver (foomatic/PXL mono) but will still not print test page or anything else. Nothing seen in print queue. Any ideas ? M J Myatt
Try the printing troubleshooter. https://fedoraproject.org/wiki/Printing/Debugging
(In reply to comment #5) > Try the printing troubleshooter. > https://fedoraproject.org/wiki/Printing/Debugging Thank you time for your suggestion. Unhappily there is no text or advice of any kind on that site. It is yet to be activated and not clear whether there is any work in progress. M J Myatt
(In reply to comment #6) > (In reply to comment #5) > > Try the printing troubleshooter. > > https://fedoraproject.org/wiki/Printing/Debugging > > Thank you time for your suggestion. Unhappily there is no text or advice of any > kind on that site. It is yet to be activated and not clear whether there is any > work in progress. You don't see a page entitled "How to debug printing problems"? It certainly works when I view it.