Description of problem: Problem was noticed after upgrading F23 to F24b SELinux is preventing nmbd from using the 'net_admin' capabilities. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that nmbd should have the net_admin capability by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'nmbd' --raw | audit2allow -M my-nmbd # semodule -X 300 -i my-nmbd.pp Additional Information: Source Context system_u:system_r:nmbd_t:s0 Target Context system_u:system_r:nmbd_t:s0 Target Objects Unknown [ capability ] Source nmbd Source Path nmbd Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-189.fc24.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.5.5-300.fc24.x86_64 #1 SMP Thu May 19 13:05:32 UTC 2016 x86_64 x86_64 Alert Count 6 First Seen 2016-05-30 19:11:40 EDT Last Seen 2016-05-31 12:30:01 EDT Local ID 229d10d1-f7a1-4520-b219-25fe2302d2c7 Raw Audit Messages type=AVC msg=audit(1464712201.73:299): avc: denied { net_admin } for pid=1408 comm="nmbd" capability=12 scontext=system_u:system_r:nmbd_t:s0 tcontext=system_u:system_r:nmbd_t:s0 tclass=capability permissive=0 Hash: nmbd,nmbd_t,nmbd_t,capability,net_admin Version-Release number of selected component: selinux-policy-3.13.1-189.fc24.noarch Additional info: reporter: libreport-2.7.1 hashmarkername: setroubleshoot kernel: 4.5.5-300.fc24.x86_64 reproducible: Not sure how to reproduce the problem type: libreport Potential duplicate: bug 1304072
*** This bug has been marked as a duplicate of bug 1304072 ***