View Issue Details

IDProjectCategoryView StatusLast Update
0016209CentOS-7selinux-policypublic2019-06-22 18:57
Reporterwin32asm 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0016209: SELinux is preventing hp from 'write' accesses on the directory /var/lib/net-snmp/mib_indexes.
DescriptionDescription of problem:
started printing the page with drivers from HP site - hplip-3.19.5_rhel-7.0.x86_64.rpm
SELinux is preventing hp from 'write' accesses on the directory /var/lib/net-snmp/mib_indexes.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that hp should be allowed write access on the mib_indexes directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'hp' --raw | audit2allow -M my-hp
# semodule -i my-hp.pp

Additional Information:
Source Context system_u:system_r:cupsd_t:s0-s0:c0.c1023
Target Context system_u:object_r:snmpd_var_lib_t:s0
Target Objects /var/lib/net-snmp/mib_indexes [ dir ]
Source hp
Source Path hp
Port <Unknown>
Host (removed)
Source RPM Packages
Target RPM Packages net-snmp-libs-5.7.2-37.el7.x86_64
Policy RPM selinux-policy-3.13.1-229.el7_6.12.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 5.1.9-1.el7.elrepo.x86_64 #1 SMP
                              Tue Jun 11 09:52:00 EDT 2019 x86_64 x86_64
Alert Count 1
First Seen 2019-06-22 11:56:31 PDT
Last Seen 2019-06-22 11:56:31 PDT
Local ID 3959da40-879f-46e6-8f5f-22cfa3fab42a

Raw Audit Messages
type=AVC msg=audit(1561229791.269:1574): avc: denied { write } for pid=30421 comm="hp" name="mib_indexes" dev="nvme0n1p2" ino=58077 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:snmpd_var_lib_t:s0 tclass=dir permissive=0


Hash: hp,cupsd_t,snmpd_var_lib_t,dir,write

Version-Release number of selected component:
selinux-policy-3.13.1-229.el7_6.12.noarch
Additional Informationreporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 5.1.9-1.el7.elrepo.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.
abrt_hasheaacbb77d6e05b06952481485c7608b9b6ee1a5effdba3eecab2c3d01a562e94
URL

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2019-06-22 18:57 win32asm New Issue