Tom London wrote:
Running targeted/enforcing, 1.23.10-5, rawhide.
When I disconnected a USB printer, got the following:
Apr 15 09:56:51 localhost kernel: usb 2-1: USB disconnect, address 2
Apr 15 09:56:51 localhost kernel: drivers/usb/class/usblp.c: usblp0: removed
Apr 15 09:56:55 localhost dbus: avc: denied { send_msg } for
msgtype=signal interface=com.redhat.PrinterSpooler
member=PrinterRemoved dest=org.freedesktop.DBus spid=2634 tpid=3592
scontext=user_u:system_r:cupsd_t tcontext=user_u:system_r:unconfined_t
tclass=dbus
Apr 15 09:56:55 localhost last message repeated 2 times
Apr 15 09:56:55 localhost dbus: avc: denied { send_msg } for
msgtype=signal interface=com.redhat.PrinterSpooler member=PrinterAdded
dest=org.freedesktop.DBus spid=2634 tpid=3592
scontext=user_u:system_r:cupsd_t tcontext=user_u:system_r:unconfined_t
tclass=dbus
Apr 15 09:56:55 localhost dbus: avc: denied { send_msg } for
msgtype=signal interface=com.redhat.PrinterSpooler member=PrinterAdded
dest=org.freedesktop.DBus spid=2634 tpid=3592
scontext=user_u:system_r:cupsd_t tcontext=user_u:system_r:unconfined_t
tclass=dbus
audit2allow says:
allow cupsd_t unconfined_t:dbus send_msg;
That right?
tom
Yes it will be in tomorrow's patch.
I wonder if I should add userdomain and unpriv_userdomain attribute to
unconfined_t for targeted. Probably to dangerous.
typeattribute unconfined_t userdomain;
typeattribute unconfined_t unpriv_userdomain;
--