Upgrading a late ThinLinc 4.3.0post install to 4.4.0rc5 on a RHEL 7 server, I got this SELinux error when tl-setup was adding the printer queues. It didn't stop tl-setup from completing, and there was no errors reported in tl-setup. Complete error messages from setroubleshootd: > SELinux is preventing /usr/bin/python2.7 from unlink access on the file /opt/thinlinc/modules/thinlinc/vsm/lowxmlrpc.pyc. > > ***** Plugin catchall_labels (83.8 confidence) suggests ******************* > > If you want to allow python2.7 to have unlink access on the lowxmlrpc.pyc file > Then du behöver ändra etiketten på /opt/thinlinc/modules/thinlinc/vsm/lowxmlrpc.pyc > Do > # semanage fcontext -a -t FILTYP '/opt/thinlinc/modules/thinlinc/vsm/lowxmlrpc.pyc' > där FILTYP är en av följande: cupsd_interface_t, cupsd_lock_t, cupsd_log_t, cupsd_rw_etc_t, > cupsd_tmp_t, cupsd_var_lib_t, cupsd_var_run_t, krb5_host_rcache_t, print_spool_t. > Kör sedan: > restorecon -v '/opt/thinlinc/modules/thinlinc/vsm/lowxmlrpc.pyc' > > > ***** Plugin catchall (17.1 confidence) suggests ************************** > > If du tror att python2.7 borde tillåtas åtkomsten unlink till lowxmlrpc.pyc file som standard. > Then du bör rapportera detta som ett fel. > Du kan generera en lokal policymodul för att tillåta denna åtkomst. > Do > tillåt denna åtkomst för tillfället genom att köra: > # grep python-thinlinc /var/log/audit/audit.log | audit2allow -M minpol > # semodule -i minpol.pp > > Additional Information: > Source Context system_u:system_r:cupsd_t:s0-s0:c0.c1023 > Target Context system_u:object_r:usr_t:s0 > Target Objects /opt/thinlinc/modules/thinlinc/vsm/lowxmlrpc.pyc [ file ] > Source python-thinlinc > Source Path /usr/bin/python2.7 > Port <Unknown> > Host dhcp-253-247.lkpg.cendio.se > Source RPM Packages python-2.7.5-16.el7.x86_64 > Target RPM Packages thinlinc-vsm-4.4.0-4775.x86_64 > Policy RPM selinux-policy-3.13.1-23.el7_1.7.noarch > Selinux Enabled True > Policy Type targeted > Enforcing Mode Enforcing > Host Name dhcp-253-247.lkpg.cendio.se > Platform Linux dhcp-253-247.lkpg.cendio.se 3.10.0-229.4.2.el7.x86_64 #1 SMP Fri Apr 24 15:26:38 EDT 2015 x86_64 x86_64 > Alert Count 29 > First Seen 2015-05-21 10:42:23 CEST > Last Seen 2015-06-04 09:00:45 CEST > Local ID 5c391b78-cc9b-4eea-aafe-e90149df28b6 > > Raw Audit Messages > type=AVC msg=audit(1433401245.508:3087): avc: denied { unlink } for > pid=49866 comm="python-thinlinc" name="lowxmlrpc.pyc" dev="dm-0" > ino=101634113 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 > tcontext=system_u:object_r:usr_t:s0 tclass=file > > > type=SYSCALL msg=audit(1433401245.508:3087): arch=x86_64 syscall=unlink success=no > exit=EACCES a0=1d0f930 a1=1c780 a2=81a4 a3=7f71111cd5d0 items=0 ppid=49852 pid=49866 > auid=4294967295 uid=0 gid=7 euid=0 suid=0 fsuid=0 egid=7 sgid=7 fsgid=7 tty=(none) > ses=4294967295 comm=python-thinlinc exe=/usr/bin/python2.7 > subj=system_u:system_r:cupsd_t:s0 s0:c0.c1023 key=(null) > > Hash: python-thinlinc,cupsd_t,usr_t,file,unlink
*** This bug has been marked as a duplicate of bug 3846 ***
