Description of problem: Hello, I have this problem since the update of October 21, which caused a panic kernel, so I start on the previous kernel and I have this error. SELinux is preventing dnf from using the 'mac_admin' capabilities. ***** Plugin catchall (100. confidence) suggests ************************** Si vous pensez que dnf devrait avoir des capacités mac_admin par défaut. Then vous devriez rapporter ceci en tant qu'anomalie. Vous pouvez générer un module de stratégie local pour autoriser cet accès. Do autoriser cet accès pour le moment en exécutant : # ausearch -c "dnf" --raw | audit2allow -M my-dnf # semodule -X 300 -i my-dnf.pp Additional Information: Source Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1 023 Target Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1 023 Target Objects Inconnu [ capability2 ] Source dnf Source Path dnf Port <Inconnu> Host (removed) Source RPM Packages Target RPM Packages Policy RPM <Inconnu> Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 5.2.15-200.fc30.x86_64 #1 SMP Mon Sep 16 15:17:36 UTC 2019 x86_64 x86_64 Alert Count 1 First Seen 2019-10-21 08:31:02 CEST Last Seen 2019-10-21 08:31:02 CEST Local ID bacef89d-817c-4eba-982c-0bce9d3db7ca Raw Audit Messages type=AVC msg=audit(1571639462.686:18000): avc: denied { mac_admin } for pid=31923 comm="dnf" capability=33 scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=capability2 permissive=0 Hash: dnf,unconfined_t,unconfined_t,capability2,mac_admin Additional info: component: selinux-policy reporter: libreport-2.10.1 hashmarkername: setroubleshoot kernel: 5.2.15-200.fc30.x86_64 type: libreport Potential duplicate: bug 1557350
Created attachment 1628246 [details] File: CameraZOOM-20191021204545113.jpg
Created attachment 1628247 [details] File: CameraZOOM-20191021204602496.jpg
*** Bug 1764543 has been marked as a duplicate of this bug. ***
This is connected with your previous report. These is SELinux label on filesystem which is not defined in SELinux policy. *** This bug has been marked as a duplicate of bug 1764538 ***