From: joropo@pioneerwireless.net (JOhn ROss POrter)
Date: Mon, 25 Aug 2008 10:21:40 -0400
Subject: [refpolicy] AVC denials from cups
Message-ID: <48B2BFF4.1000704@pioneerwireless.net>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Getting these denials when printing through cups.

type=AVC msg=audit(1219156658.544:2005): avc:  denied  { search } for 
pid=6591 comm="hp" name="dbus" dev=dm-0 ino=12799869 
scontext=system_u:system_r:hplip_t:s0-s0:c0.c1023 
tcontext=system_u:object_r:system_dbusd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1219156658.544:2005): avc:  denied  { write } for 
pid=6591 comm="hp" name="system_bus_socket" dev=dm-0 ino=12800311 
scontext=system_u:system_r:hplip_t:s0-s0:c0.c1023 
tcontext=system_u:object_r:system_dbusd_var_run_t:s0 tclass=sock_file
type=AVC msg=audit(1219156658.544:2005): avc:  denied  { connectto } for 
  pid=6591 comm="hp" path="/var/run/dbus/system_bus_socket" 
scontext=system_u:system_r:hplip_t:s0-s0:c0.c1023 
tcontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 
tclass=unix_stream_socket


I've created and applied a local policy to allow this access but have 
been instructed to file a bug report about the situation.
Printer description from cups:
*Description:* new driver

*Location:* corner

*Printer Driver:* HP OfficeJet G85 Foomatic/hpijs (recommended)

*Printer State:* idle,
accepting jobs,  published.

*Device URI:* hp:/net/OfficeJet_G85?ip=192.168.1.105

Unfortunatly, I'm unable to locate specific data about the pinter 
driver.  I'll claim it is the latest version available from HP.
Another driver (with same id) does not cause problems.