Running strict/enforcing, latest Rawhide.
I think the following is coming from cups-config-daemon
I'm always a bit suspicious of fd denials.... these are to /dev/null... Is this an open file leaking across an exec?
Help welcomed..... tom
Nov 28 10:12:25 fedora cups: cupsd shutdown succeeded Nov 28 10:12:25 fedora kernel: audit(1101665545.088:0): avc: denied { use } for pid=4223 exe=/usr/bin/python path=/dev/null dev=tmpfs ino=3516 scontext=system_u:system_r:cupsd_config_t tcontext=system_u:system_r:system_crond_t tclass=fd Nov 28 10:12:25 fedora kernel: audit(1101665545.088:0): avc: denied { use } for pid=4223 exe=/usr/bin/python path=/dev/null dev=tmpfs ino=3516 scontext=system_u:system_r:cupsd_config_t tcontext=system_u:system_r:logrotate_t tclass=fd Nov 28 10:12:25 fedora kernel: audit(1101665545.088:0): avc: denied { use } for pid=4223 exe=/usr/bin/python path=/dev/null dev=tmpfs ino=3516 scontext=system_u:system_r:cupsd_config_t tcontext=system_u:system_r:logrotate_t tclass=fd Nov 28 10:12:25 fedora kernel: audit(1101665545.232:0): avc: denied { use } for pid=4226 exe=/usr/sbin/cupsd path=/dev/null dev=tmpfs ino=3516 scontext=system_u:system_r:cupsd_t tcontext=system_u:system_r:system_crond_t tclass=fd Nov 28 10:12:25 fedora cups: cupsd startup succeeded
On Monday 29 November 2004 06:51, Tom London selinux@gmail.com wrote:
Running strict/enforcing, latest Rawhide.
I think the following is coming from cups-config-daemon
I'm always a bit suspicious of fd denials.... these are to /dev/null... Is this an open file leaking across an exec?
I don't think that this is a problem. Granting access to /dev/null is not an issue. For cron jobs this sort of thing is common.
The attached patch should do the job.
Help welcomed..... tom
Nov 28 10:12:25 fedora cups: cupsd shutdown succeeded Nov 28 10:12:25 fedora kernel: audit(1101665545.088:0): avc: denied { use } for pid=4223 exe=/usr/bin/python path=/dev/null dev=tmpfs ino=3516 scontext=system_u:system_r:cupsd_config_t tcontext=system_u:system_r:system_crond_t tclass=fd Nov 28 10:12:25 fedora kernel: audit(1101665545.088:0): avc: denied { use } for pid=4223 exe=/usr/bin/python path=/dev/null dev=tmpfs ino=3516 scontext=system_u:system_r:cupsd_config_t tcontext=system_u:system_r:logrotate_t tclass=fd Nov 28 10:12:25 fedora kernel: audit(1101665545.088:0): avc: denied { use } for pid=4223 exe=/usr/bin/python path=/dev/null dev=tmpfs ino=3516 scontext=system_u:system_r:cupsd_config_t tcontext=system_u:system_r:logrotate_t tclass=fd Nov 28 10:12:25 fedora kernel: audit(1101665545.232:0): avc: denied { use } for pid=4226 exe=/usr/sbin/cupsd path=/dev/null dev=tmpfs ino=3516 scontext=system_u:system_r:cupsd_t tcontext=system_u:system_r:system_crond_t tclass=fd Nov 28 10:12:25 fedora cups: cupsd startup succeeded
selinux@lists.fedoraproject.org