From: joropo@pioneerwireless.net (JOhn ROss POrter) Date: Mon, 25 Aug 2008 10:21:40 -0400 Subject: [refpolicy] AVC denials from cups Message-ID: <48B2BFF4.1000704@pioneerwireless.net> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Getting these denials when printing through cups. type=AVC msg=audit(1219156658.544:2005): avc: denied { search } for pid=6591 comm="hp" name="dbus" dev=dm-0 ino=12799869 scontext=system_u:system_r:hplip_t:s0-s0:c0.c1023 tcontext=system_u:object_r:system_dbusd_var_run_t:s0 tclass=dir type=AVC msg=audit(1219156658.544:2005): avc: denied { write } for pid=6591 comm="hp" name="system_bus_socket" dev=dm-0 ino=12800311 scontext=system_u:system_r:hplip_t:s0-s0:c0.c1023 tcontext=system_u:object_r:system_dbusd_var_run_t:s0 tclass=sock_file type=AVC msg=audit(1219156658.544:2005): avc: denied { connectto } for pid=6591 comm="hp" path="/var/run/dbus/system_bus_socket" scontext=system_u:system_r:hplip_t:s0-s0:c0.c1023 tcontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tclass=unix_stream_socket I've created and applied a local policy to allow this access but have been instructed to file a bug report about the situation. Printer description from cups: *Description:* new driver *Location:* corner *Printer Driver:* HP OfficeJet G85 Foomatic/hpijs (recommended) *Printer State:* idle, accepting jobs, published. *Device URI:* hp:/net/OfficeJet_G85?ip=192.168.1.105 Unfortunatly, I'm unable to locate specific data about the pinter driver. I'll claim it is the latest version available from HP. Another driver (with same id) does not cause problems.