Running strict/enforcing, latest Rawhide.

Each time I boot, /etc/cups/lpoptions appears to be created with the 'wrong' type: cupsd_etc_t instead of cupsd_rw_etc_t.

Printing from firefox produces the following avc's complaining about accessing /etc/cups/lpoptions in either case.

Does mozilla_macros.te need: ifdef(`cups.te', ` allow $1_mozilla_t cupsd_etc_t:dir search; +allow user_mozilla_t cupsd_rw_etc_t:file read; ')

I'm still working on figuring out why lpoptions is getting the wrong type.....

tom

Dec 2 07:27:56 fedora kernel: audit(1102001276.342:0): avc: denied { read } for pid=3363 exe=/usr/lib/firefox-1.0/firefox-bin name=lpoptions dev=hda2 ino=4474994 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:object_r:cupsd_rw_etc_t tclass=file Dec 2 07:27:56 fedora kernel: audit(1102001276.695:0): avc: denied { read } for pid=3363 exe=/usr/lib/firefox-1.0/firefox-bin name=lpoptions dev=hda2 ino=4474994 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:object_r:cupsd_rw_etc_t tclass=file Dec 2 07:28:00 fedora kernel: audit(1102001280.378:0): avc: denied { read } for pid=3363 exe=/usr/lib/firefox-1.0/firefox-bin name=lpoptions dev=hda2 ino=4474994 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:object_r:cupsd_rw_etc_t tclass=file