SELinux is preventing 11-dhclient from add_name access on the directory chrony.servers.wlp8s0.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that 11-dhclient should be allowed add_name access on the chrony.servers.wlp8s0 directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c '11-dhclient' --raw | audit2allow -M my-11dhclient # semodule -X 300 -i my-11dhclient.pp

Additional Information: Source Context system_u:system_r:NetworkManager_t:s0 Target Context system_u:object_r:dhcpc_state_t:s0 Target Objects chrony.servers.wlp8s0 [ dir ] Source 11-dhclient Source Path 11-dhclient Port <Unknown> Host castor Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.14.4-40.fc31.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name castor Platform Linux castor 5.3.12-300.fc31.x86_64 #1 SMP Thu Nov 21 22:52:07 UTC 2019 x86_64 x86_64 Alert Count 2 First Seen 2019-11-30 18:03:35 CET Last Seen 2019-12-01 11:16:46 CET Local ID 0370e7fd-a826-4c80-8239-747a7528c5af

Raw Audit Messages type=AVC msg=audit(1575195406.740:277): avc: denied { add_name } for pid=1466 comm="11-dhclient" name="chrony.servers.wlp8s0" scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:dhcpc_state_t:s0 tclass=dir permissive=0

Hash: 11-dhclient,NetworkManager_t,dhcpc_state_t,dir,add_name