Description of problem: SELinux is preventing nm-openconnect- from using the setsched access on a process. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that nm-openconnect- should be allowed setsched access on processes labeled vpnc_t by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'nm-openconnect-' --raw | audit2allow -M my-nmopenconnect # semodule -X 300 -i my-nmopenconnect.pp Additional Information: Source Context system_u:system_r:vpnc_t:s0 Target Context system_u:system_r:vpnc_t:s0 Target Objects Unknown [ process ] Source nm-openconnect- Source Path nm-openconnect- Port <Unknown> Host anonymous Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-3.14.5-40.fc32.noarch Local Policy RPM selinux-policy-targeted-3.14.5-40.fc32.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name anonymous Platform Linux anonymous 5.6.19-300.fc32.x86_64 #1 SMP Wed Jun 17 16:10:48 UTC 2020 x86_64 x86_64 Alert Count 7 First Seen 2020-06-03 14:09:43 CEST Last Seen 2020-06-29 16:16:05 CEST Local ID 55d804c8-a7f6-4b41-a00c-024431f80254 Raw Audit Messages type=AVC msg=audit(1593440165.145:416): avc: denied { setsched } for pid=81060 comm="nm-openconnect-" scontext=system_u:system_r:vpnc_t:s0 tcontext=system_u:system_r:vpnc_t:s0 tclass=process permissive=0 Hash: nm-openconnect-,vpnc_t,vpnc_t,process,setsched
*** This bug has been marked as a duplicate of bug 1817528 ***