[ubuntu-hardened] SELinux breaks cups
Ian W Roberts
ianwroberts at internode.on.net
Fri Apr 11 02:19:19 BST 2008
I'm giving ubuntu-8.04-beta-server-amd64 a go on my new home server. It
installed fine and is mostly running well. Sharing files and (hopefully)
a printer via samba is the major task for the server.
I've installed SELinux (learning opportunity) and one outstanding
problem is getting cups running.
When I (re)install cupsys and cupsys-client I get the following:
The following NEW packages will be installed:
0 upgraded, 2 newly installed, 0 to remove and 6 not upgraded.
Need to get 0B/1970kB of archives.
After this operation, 10.5MB of additional disk space will be used.
Preconfiguring packages ...
Selecting previously deselected package cupsys.
(Reading database ... 30319 files and directories currently installed.)
Unpacking cupsys (from .../cupsys_1.3.7-1ubuntu2_amd64.deb) ...
Selecting previously deselected package cupsys-client.
Unpacking cupsys-client (from
Setting up cupsys (1.3.7-1ubuntu2) ...
Unable to find apparmor_parser, installation problem?: Failed.
invoke-rc.d: initscript apparmor, action "force-reload" failed.
* Starting Common Unix Printing System: cupsd start-stop-daemon: Unable
to start /usr/sbin/cupsd: Permission denied (Permission denied)
invoke-rc.d: initscript cupsys, action "start" failed.
dpkg: error processing cupsys (--configure):
subprocess post-installation script returned error exit status 2
Setting up cupsys-client (1.3.7-1ubuntu2) ...
Errors were encountered while processing:
E: Sub-process /usr/bin/dpkg returned an error code (1)
and syslog displays:
Apr 11 10:03:49 tunnelball kernel: [56186.723703]
audit(1207874029.018:9): security_compute_sid: invalid context
Looks like an SELinux problem to me.
I've done quite a bit of web crawling to find a solution. There are a
number of parallel experiences but no resolutions. Any suggestions
(other than apt-get remove selinux!)?
Ian W Roberts
e: ianwroberts at internode.on.net
More information about the ubuntu-hardened