Index: fedora-policy/policy/modules/contrib/mcelog.te =================================================================== --- fedora-policy.orig/policy/modules/contrib/mcelog.te +++ fedora-policy/policy/modules/contrib/mcelog.te @@ -58,7 +58,7 @@ files_pid_file(mcelog_var_run_t) # Local policy # -allow mcelog_t self:capability sys_admin; +allow mcelog_t self:capability { sys_admin setgid }; allow mcelog_t self:unix_stream_socket connected_socket_perms; allow mcelog_t mcelog_etc_t:dir list_dir_perms;