On Wed, 21 Jul 2004 02:19, Tom London selinux@comcast.net wrote:
avc: denied { create } for pid=3684 exe=/usr/sbin/ptal-mlcd name=usb:PSC_900_Series scontext=system_u:system_r:ptal_t tcontext=system_u:object_r:var_run_t tclass=sock_file
fedora ptal-mlcd: FATAL ERROR at ExMgr.cpp:1250, dev=mlc:usb:PSC_900_Series, pid=3684, e=13, t=1090333076 bind(/var/run/ptal-mlcd/usb:PSC_900_Series) failed! Ensure /var/run/ptal-mlcd/ exists.
The above shows ptal failing to create sock-file '/var/run/ptal-mcld/usb:....'). (Shouldn't the tcontext be 'ptal_var_run_t'????)
Correct. The directory /var/run/ptal-mcld should have type ptal_var_run_t.
The problem was that the below two lines in cups.fc had "--" specified for the type. Remove the "--" and relabel /var/run and things should be fine. /var/run/ptal-printd(/.*)? system_u:object_r:ptal_var_run_t /var/run/ptal-mlcd(/.*)? system_u:object_r:ptal_var_run_t
Jul 20 07:17:56 fedora kernel: audit(1090333076.799:0): avc:
denied { search } for pid=3685 exe=/usr/sbin/ptal-printd name=root dev=hda2 ino=1196033 scontext=system_u:system_r:ptal_t tcontext=root:object_r:staff_home_dir_t tclass=dir
I don't know why ptal is trying to seach '/root'.
Lots of daemons do that. dontaudit is the correct solution to that.