From: russell@coker.com.au (Russell Coker) Date: Sun, 12 Feb 2017 17:59:21 +1100 Subject: [refpolicy] [PATCH 2/2] cups: read permission for cupsd_var_run_t socket files in cups_read_pid_files() In-Reply-To: References: <1486657515.28070.9.camel@trentalancia.net> <339abd26-09c2-fdea-ae9b-53e01ab5cbef@ieee.org> Message-ID: <2374176.zg5KFxEMAR@russell.coker.com.au> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Saturday, 11 February 2017 9:00:44 PM AEDT Guido Trentalancia via refpolicy wrote: > Yes, I confirm, sock_file read permissions are needed to print. I've seen that too. I have something similar in the Debian policy. It's not needed to print, it's needed in some configurations which are the default for some situations. It should be possible to configure cups to not need that if you don't need lpr/lpq type functionality - but that may not be possible for all clients. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/