Re: FC5 Starting CUPS [failed] -- how to debug / fix?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

At 12:53 PM -0400 4/17/06, Tony Nelson wrote:
>I upgraded my working FC3 to FC5.  During boot, starting CUPS fails.
>"service cups status" shows cupsd is stopped, and there's nothing at
>localhost:631.  Localhost is defined (I can ping it).  "service cups start"
>fails.  I don't see anything relevent about CUPS in dmesg or
>/var/log/messages.  The only log I can find that seems to refer to cups
>starting is /var/log/cups/error_log, and its shows:
>
>I [17/Apr/2006:12:27:28 -0400] Listening to 0:631
>I [17/Apr/2006:12:27:28 -0400] Listening to 7f000001:631
>I [17/Apr/2006:12:27:28 -0400] Loaded configuration file "/etc/cups/cupsd.conf"
>I [17/Apr/2006:12:27:28 -0400] Configured for up to 100 clients.
>I [17/Apr/2006:12:27:28 -0400] Allowing up to 100 client connections per host.
>I [17/Apr/2006:12:27:28 -0400] Full reload is required.
>I [17/Apr/2006:12:27:28 -0400] LoadPPDs: Read "/etc/cups/ppds.dat", 1286 PPDs...
>I [17/Apr/2006:12:27:28 -0400] LoadPPDs: No new or changed PPDs...
>I [17/Apr/2006:12:27:28 -0400] Full reload complete.
>E [17/Apr/2006:12:27:28 -0400] StartListening: Unable to bind socket for address 7f000001:631 - Address already in use.
>
>I don't see what is using that address with lsof.  I suppose it is a UNIX
>domain socket.  I don't know if that is the problem.
>
>What should I do now?

OK, I've worked past my first problem (I had copied the "automatically
generated -- DO NOT EDIT" lines from my old cupsd.conf, apparantly a bad
thing).

Now I can't print unless SELinux is permissive.  I'm printing over PAP via
Netatalk (AppleTalk).  Here are the messages from audit.log:

type=AVC msg=audit(1145334386.575:417): avc:  denied  { create } for  pid=5098 comm="pap" scontext=user_u:system_r:cupsd_t:s0-s0:c0.c255 tcontext=user_u:system_r:cupsd_t:s0-s0:c0.c255 tclass=socket
type=SYSCALL msg=audit(1145334386.575:417): arch=40000003 syscall=102 success=no exit=-13 a0=1 a1=bfe6a500 a2=8f2f00 a3=8f3200 items=0 pid=5098 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="pap" exe="/usr/bin/pap"
type=SOCKETCALL msg=audit(1145334386.575:417): nargs=3 a0=5 a1=2 a2=0
type=AVC msg=audit(1145334386.919:418): avc:  denied  { unlink } for  pid=4006 comm="cupsd" name="printers.conf.O" dev=dm-2 ino=2802530 scontext=user_u:system_r:cupsd_t:s0-s0:c0.c255 tcontext=user_u:object_r:cupsd_etc_t:s0 tclass=file
type=SYSCALL msg=audit(1145334386.919:418): arch=40000003 syscall=38 success=no exit=-13 a0=bfe153d8 a1=bfe14fd8 a2=b165dc a3=bfe14fd8 items=2 pid=4006 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="cupsd" exe="/usr/sbin/cupsd"
type=CWD msg=audit(1145334386.919:418):  cwd="/"
type=PATH msg=audit(1145334386.919:418): item=0 name="/etc/cups/printers.conf" flags=10  inode=2802517 dev=fd:02 mode=040775 ouid=0 ogid=3 rdev=00:00
type=PATH msg=audit(1145334386.919:418): item=1 name="/etc/cups/printers.conf.O" flags=10  inode=2802517 dev=fd:02 mode=040775 ouid=0 ogid=3 rdev=00:00

Note that this is not the same as the other CUPS SELinux problem, as this
one relates to PAP and Netatalk.  I don't know if this is a problem with
SELinux' policy or my upgraded installation.  I did try relabeling.  I don't
know SELinux.

Is anyone successfully printing over PAP and Netatalk on FC5, with SELinux
enforcing?
____________________________________________________________________
TonyN.:'                       <mailto:tonynelson@xxxxxxxxxxxxxxxxx>
      '                              <http://www.georgeanelson.com/>
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux