Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 119510

Summary: cups filters generate AVC messges on access to font directories.
Product: [Fedora] Fedora Reporter: Aleksey Nogin <aleksey>
Component: policyAssignee: Daniel Walsh <dwalsh>
Status: CLOSED RAWHIDE QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: pgraner, twaugh
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-05-10 15:04:14 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 122683    

Description Aleksey Nogin 2004-03-30 23:44:54 UTC 
When printing I see AVC that appear to be in need of fixing.

Mar 30 15:42:33 dell kernel: audit(1080690153.824:0): avc:  denied  {
getattr } for  pid=3650 exe=/usr/bin/gs path=/usr/share/fonts dev=hda2
ino=114501 scontext=system_u:system_r:cupsd_t
tcontext=system_u:object_r:fonts_t tclass=dir
Mar 30 15:42:33 dell kernel: audit(1080690153.824:0): avc:  denied  {
read } for  pid=3650 exe=/usr/bin/gs name=fonts dev=hda2 ino=114501
scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:fonts_t
tclass=dir
Mar 30 15:42:33 dell kernel: audit(1080690153.825:0): avc:  denied  {
getattr } for  pid=3650 exe=/usr/bin/gs
path=/usr/X11R6/lib/X11/fonts/Type1 dev=hda2 ino=1193839
scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:fonts_t
tclass=dir
Mar 30 15:42:33 dell kernel: audit(1080690153.825:0): avc:  denied  {
read } for  pid=3650 exe=/usr/bin/gs name=Type1 dev=hda2 ino=1193839
scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:fonts_t
tclass=dir
Mar 30 15:42:33 dell kernel: audit(1080690153.825:0): avc:  denied  {
getattr } for  pid=3650 exe=/usr/bin/gs
path=/usr/X11R6/lib/X11/fonts/OTF dev=hda2 ino=4366585
scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:fonts_t
tclass=dir
Mar 30 15:42:33 dell kernel: audit(1080690153.825:0): avc:  denied  {
read } for  pid=3650 exe=/usr/bin/gs name=OTF dev=hda2 ino=4366585
scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:fonts_t
tclass=dir
Comment 1 Daniel Walsh 2004-03-31 03:23:46 UTC 
Fixed in policy-1.9.1-4