https://bugzilla.novell.com/show_bug.cgi?id=876108 https://bugzilla.novell.com/show_bug.cgi?id=876108#c0 Summary: cups /tmp/* symlinks and kernel audit log Classification: openSUSE Product: openSUSE 13.1 Version: Final Platform: x86-64 OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: AppArmor AssignedTo: suse-beta@cboltz.de ReportedBy: koenig@linux.de QAContact: qa-bugs@suse.de Found By: --- Blocker: --- 1) cups creates tons of temp symlinks like this one -- it would be nice if they'd be removed after use: ls -l /tmp/52f62e0701fa6 lrwxrwxrwx 1 harald users 24 Feb 8 14:15 /tmp/52f62e0701fa6 -> /etc/cups/ppd/hp4650.ppd 2) there are some (apparmor?) rules which block access as root (not as normal user): ls -lL /tmp/52f62e0701fa6 ls: cannot access /tmp/52f62e0701fa6: Permission denied giving May 2 10:52:19 hl kernel: [307558.514035] type=1702 audit(1399020739.856:1429): op=follow_link ppid=13870 pid=29590 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=2 tty=pts2 comm="ls" exe="/usr/bin/ls" res=0 May 2 10:52:19 hl kernel: [307558.514055] type=1302 audit(1399020739.856:1430): item=0 name="/tmp/52f62e0701fa6" inode=1457341 dev=fd:02 mode=0120777 ouid=1000 ogid=100 rdev=00:00 and wc /tmp/52f62db4880d7 wc: /tmp/52f62db4880d7: Permission denied May 2 10:52:22 hl kernel: [307561.238326] type=1702 audit(1399020742.582:1431): op=follow_link ppid=13870 pid=29593 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=2 tty=pts2 comm="wc" exe="/usr/bin/wc" res=0 May 2 10:52:22 hl kernel: [307561.238351] type=1302 audit(1399020742.582:1432): item=0 name="/tmp/52f62db4880d7" inode=1457335 dev=fd:02 mode=0120777 ouid=1000 ogid=100 rdev=00:00 May 2 10:52:22 hl kernel: [307561.238381] type=1702 audit(1399020742.582:1433): op=follow_link ppid=13870 pid=29593 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=2 tty=pts2 comm="wc" exe="/usr/bin/wc" res=0 May 2 10:52:22 hl kernel: [307561.238399] type=1302 audit(1399020742.582:1434): item=0 name="/tmp/52f62db4880d7" inode=1457335 dev=fd:02 mode=0120777 ouid=1000 ogid=100 rdev=00:00 but normal user can read: wc /tmp/52f62e0701fa6 4965 17867 197531 /tmp/52f62e0701fa6 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.