Tim Waugh escreveu:
> On Thu, Jul 28, 2005 at 11:56:48AM -0400, Daniel J Walsh wrote:
>
>
>>Is system-config-printer or the backend server rewrting the file?
>>Changing classes.conf to cupsd_etc_rw_t should allow the backend to
>>rewrite the file.
>
>
> The backend is doing it -- printconf-backend.
>
> As I mentioned before, the previous behaviour had been to create a new
> file and rename it over the old file, and the SELinux policy does not
> seem to allow that. Can you clarify what the correct procedure is for
> system tools that want to write configuration files for running
> daemons?
>
> Thanks,
> Tim.
> */
>
Excuse me, I was confusing, because the avc message that I saw is
related to when I changed the default printer using the cups web
interface, one printer uses the hplip driver the another one no. I think
that's it.
But, I did do strace xsane with SELinux enabled and with it disabled,
and I get the following:
"$ grep 32770 strace_xsane_with_selinux.txt
read(6, "32770\n", 4096) = 6
connect(6, {sa_family=AF_INET, sin_port=htons(32770),
sin_addr=inet_addr("127.0.0.1")}, 16) = 0
$ grep 32770 strace_xsane_without_selinux.txt
read(6, "32770\n", 4096) = 6
connect(6, {sa_family=AF_INET, sin_port=htons(32770),
sin_addr=inet_addr("127.0.0.1")}, 16) = 0
$ grep 32771 strace_xsane_with_selinux.txt
read(6, "32771\n", 4096) = 6
connect(7, {sa_family=AF_INET, sin_port=htons(32771),
sin_addr=inet_addr("127.0.0.1")}, 16) = -1 ECONNREFUSED (Connection refused)
$ grep 32771 strace_xsane_without_selinux.txt
read(6, "32771\n", 4096) = 6
connect(7, {sa_family=AF_INET, sin_port=htons(32771),
sin_addr=inet_addr("127.0.0.1")}, 16) = 0"
And the audit log doesn't show nothing about the port 32771, with
SELinux enabled.
I'm lost. Any ideas, please?
Vinicius.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
