Hi, I'm trying to fix some problems with SELinux policy and system-config-printer. This tool needs to modify /etc/cups/cupsd.conf, and several other files in /etc/cups, but it looks like the policy is preventing it (in enforcing mode). The configuration tool writes a new file (cupsd.conf.new) in the same directory, with the content it wants (derived from cupsd.conf), and tried to rename(cupsd.conf.new,cupsd.conf) -- this fails. I suspect that just writing cupsd.conf directly would work, but I don't want to end up in a situation where a failure half-way through writing causes a broken configuration file in-situ. Probably writing a new file is creating the wrong security context on that file anyway: -rw-r----- 1 root:object_r:cupsd_etc_t root sys 21350 Mar 4 18:17 /etc/cups/cupsd.conf -rw------- 1 system_u:object_r:cupsd_rw_etc_t lp sys 21350 Mar 5 09:39 /etc/cups/cupsd.conf.new but I want to understand what this config tool *should* be doing, and how to make the policy let it do that. Can anyone help? Thanks, Tim. */
Attachment:
pgpNxsl4J3Mpy.pgp
Description: PGP signature
