I got an AVC denial due to a mislabeled file, and the denial said NetworkManager had attempted to run "./nscd" whereas it would be expected that a full path would be provided. The setroubleshoot report is attached
Created attachment 308441 [details] AVC denial with unclear path
we normally print the path, which leads me to believe that nm isn't passing anything other than ./ Should we perhaps print cwd if the path begins with ./ ? Hmm.
I'm pretty sure the "./" is just some crap that setroubleshoot added for no apparent reason. Its not in the audit records. SELinux will only print the full paths if it is available for free. If you want full paths you need to load an audit syscall. I suggest in /etc/audit/audit.rules: auditctl -a exit,always -S kill -F pid=1 I think this should be moved to and setroubleshoot bug so it will stop saying ./ but the fact you don't get a full path is NOTABUG
So we came to the conclusion in the Chat room that you need to take the performance hit if you want to always get the data.