Vikram Goyal wrote:
These look like leaked file descriptor. Most likely logrotate. Since logrotate probably opens these files for r/w and it restarts cups.Hello, I am getting these avc denied messages. I am not sure if these should be incorporated in local policy. type=AVC msg=audit(1159051843.723:565): avc: denied { read write } for pid=14645 comm="cupsd" name="afick.log" dev=sda12 ino=643989 scontext=user_u:system_r:cupsd_t:s0-s0:c0.c255 tcontext=system_u:object_r:var_log_t:s0 tclass=file type=AVC msg=audit(1159051843.723:565): avc: denied { read write } for pid=14645 comm="cupsd" name="clamd.log" dev=sda12 ino=643867 scontext=user_u:system_r:cupsd_t:s0-s0:c0.c255 tcontext=root:object_r:clamd_var_log_t:s0 tclass=file type=AVC msg=audit(1159051843.723:565): avc: denied { read write } for pid=14645 comm="cupsd" name="freshclam.log" dev=sda12 ino=643915 scontext=user_u:system_r:cupsd_t:s0-s0:c0.c255 tcontext=root:object_r:var_log_t:s0 tclass=fileaudit2allow produces - allow cupsd_t clamd_var_log_t:file { read write };allow cupsd_t var_log_t:file { read write };
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=205072
The installed versions are: cups-1.2.3-1.6 clamav-0.88.4-21.fc5.at afick-2.2-2.2.fc5.rf Thanks!
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
