Description of problem: I ran "su - otheruser" to log into a ocnsole as another user, and immediately got this SELinux alert. SELinux is preventing (fprintd) from 'remount' accesses on the filesystem . ***** Plugin catchall (100. confidence) suggests ************************** If you believe that (fprintd) should be allowed remount access on the filesystem by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c '(fprintd)' --raw | audit2allow -M my-fprintd # semodule -X 300 -i my-fprintd.pp Additional Information: Source Context system_u:system_r:init_t:s0 Target Context system_u:object_r:unlabeled_t:s0 Target Objects [ filesystem ] Source (fprintd) Source Path (fprintd) Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.14.1-11.fc28.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 4.16.0-0.rc3.git0.1.fc28.x86_64 #1 SMP Mon Feb 26 15:15:43 UTC 2018 x86_64 x86_64 Alert Count 1 First Seen 2018-03-12 13:41:27 EDT Last Seen 2018-03-12 13:41:27 EDT Local ID f78a93c3-dc2a-4364-835a-4d71889100e8 Raw Audit Messages type=AVC msg=audit(1520876487.268:1389): avc: denied { remount } for pid=1781 comm="(fprintd)" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 Hash: (fprintd),init_t,unlabeled_t,filesystem,remount Version-Release number of selected component: selinux-policy-3.14.1-11.fc28.noarch Additional info: component: selinux-policy reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.16.0-0.rc3.git0.1.fc28.x86_64 type: libreport
*** This bug has been marked as a duplicate of bug 1555142 ***