Description of problem: While using Fedora Mate 32 an SELinux error pops up with details: SELinux is preventing pcscd from using the sys_nice capability. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that pcscd should have the sys_nice capability by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'pcscd' --raw | audit2allow -M my-pcscd # semodule -X 300 -i my-pcscd.pp Additional Information: Source Context system_u:system_r:pcscd_t:s0 Target Context system_u:system_r:pcscd_t:s0 Target Objects Unknown [ capability ] Source pcscd Source Path pcscd Port <Unknown> Host mythal Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-3.14.5-32.fc32.noarch Local Policy RPM selinux-policy-targeted-3.14.5-32.fc32.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name mythal Platform Linux mythal 5.6.8-300.fc32.x86_64 #1 SMP Wed Apr 29 19:01:34 UTC 2020 x86_64 x86_64 Alert Count 1 First Seen 2020-05-03 23:16:17 BST Last Seen 2020-05-03 23:16:17 BST Local ID b7f49c04-9dd2-4145-9d21-afceb124c014 Raw Audit Messages type=AVC msg=audit(1588544177.380:751): avc: denied { sys_nice } for pid=35070 comm="pcscd" capability=23 scontext=system_u:system_r:pcscd_t:s0 tcontext=system_u:system_r:pcscd_t:s0 tclass=capability permissive=0 Hash: pcscd,pcscd_t,pcscd_t,capability,sys_nice Version-Release number of selected component (if applicable): How reproducible: I m not sure how the bug comes up, sometimes after boot, sometimes when opening a program like firefox.
*** This bug has been marked as a duplicate of bug 1811407 ***