----- Original Message ----- From: Steven Stern Sent: 05/04/14 11:53 PM To: Community support for Fedora users Subject: Re: cups-pdf
On 05/04/2014 04:48 PM, Patrick Dupre wrote:
When I try to use cups-pdf to generate pdf file, I have no output. /var/log//cups/cups-pdf_log shows an error:
Sun May 4 23:22:44 2014 [ERROR] ghostscript reported an error (256) Sun May 4 23:22:44 2014 [ERROR] failed to set file mode for PDF file (non fatal) (/home/pdupre/Desktop/NICE-OHMS_v2.pdf)
I did not find the solution on internet!
Thank for your help.
Is SELinux in enforcing mode?
Yes, If I switch to permissive then the pdf file is generated.
But on another machine, the file generation is OK even in enforced mode! (BOTH fc20).
Well, there you go! Either you once created an overriding policy or...
How do I do this?
=========================================================================== Patrick DUPRÉ | | email: pdupre@gmx.com Laboratoire de Physico-Chimie de l'Atmosphère | | Université du Littoral-Côte d'Opale | | Tel. (33)-(0)3 28 23 76 12 | | Fax: 03 28 65 82 44 189A, avenue Maurice Schumann | | 59140 Dunkerque, France ===========================================================================
On 05/04/2014 04:57 PM, Patrick Dupre wrote:
----- Original Message ----- From: Steven Stern Sent: 05/04/14 11:53 PM To: Community support for Fedora users Subject: Re: cups-pdf
On 05/04/2014 04:48 PM, Patrick Dupre wrote:
When I try to use cups-pdf to generate pdf file, I have no output. /var/log//cups/cups-pdf_log shows an error:
Sun May 4 23:22:44 2014 [ERROR] ghostscript reported an error (256) Sun May 4 23:22:44 2014 [ERROR] failed to set file mode for PDF file (non fatal) (/home/pdupre/Desktop/NICE-OHMS_v2.pdf)
I did not find the solution on internet!
Thank for your help.
Is SELinux in enforcing mode?
Yes, If I switch to permissive then the pdf file is generated.
But on another machine, the file generation is OK even in enforced mode! (BOTH fc20).
Well, there you go! Either you once created an overriding policy or...
How do I do this?
sealert should offer to show you how to create a policy to allow it. Do you have the setroubleshootd daemon running?
sealert -a /var/log/audit
or
sudo grep pdf /var/log/audit/audit.log | audit2allow -M mypol sudo semodule -i mypol.pp
On 05/05/14 06:03, Steven Stern wrote:
On 05/04/2014 04:57 PM, Patrick Dupre wrote:
How do I do this?
sealert should offer to show you how to create a policy to allow it. Do you have the setroubleshootd daemon running?
sealert -a /var/log/audit
or
sudo grep pdf /var/log/audit/audit.log | audit2allow -M mypol sudo semodule -i mypol.pp
FWIW, since the file is being generated and placed in $HOME/Desktop one should *not* have to generate a new policy for that. It works just fine here.
It may be helpful to run "restorecon -n -v -R $HOME" to see if the SELinux security contexts are set correctly.
-
Ed Greshko -
Patrick Dupre -
SternData