Description of problem: ABRT kernel.core_pattern has been recently enhanced to drop all capabilities [1] but SELinux prevents the process to do that. time->Wed Nov 2 14:00:50 2016 type=PROCTITLE msg=audit(1478091650.527:3205): proctitle=2F7573722F6C6962657865632F616272742D686F6F6B2D636370700031310031383434363734343037333730393535313631350031393539370031383630310031383630310031343738303931363530003139353937003139353937 type=SYSCALL msg=audit(1478091650.527:3205): arch=c000003e syscall=126 success=yes exit=0 a0=55fffd7678d4 a1=55fffd7678dc a2=5 a3=1 items=0 ppid=19598 pid=19599 auid=4294967295 uid=18601 gid=18601 euid=18601 suid=18601 fsuid=18601 egid=18601 sgid=18601 fsgid=18601 tty=(none) ses=4294967295 comm="abrt-hook-ccpp" exe="/usr/libexec/abrt-hook-ccpp" subj=system_u:system_r:abrt_dump_oops_t:s0 key=(null) type=AVC msg=audit(1478091650.527:3205): avc: denied { setcap } for pid=19599 comm="abrt-hook-ccpp" scontext=system_u:system_r:abrt_dump_oops_t:s0 tcontext=system_u:system_r:abrt_dump_oops_t:s0 tclass=process permissive=1 Version-Release number of selected component (if applicable): selinux-policy-3.13.1-221.fc26.noarch How reproducible: Always with the most recent ABRT version from upstream 1: https://github.com/abrt/abrt/commit/8f924520e45a557151e689c3feee569cfde6828d
This bug appears to have been reported against 'rawhide' during the Fedora 26 development cycle. Changing version to '26'.
selinux-policy-3.13.1-251.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-f36794dd98
selinux-policy-3.13.1-251.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-f36794dd98
selinux-policy-3.13.1-251.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.