Daemon (re)starts successfully, but bug is still present.

Update including smartmontools-selinux does not fix the bug on Fedora 33. $ rpm -qa smartmontools* smartmontools-7.2-9.fc33.x86_64 smartmontools-selinux-7.2-9.fc33.noarch

$ systemctl restart smartd ... open se troubleshooter:

Additional Information: Source Context system_u:system_r:fsdaemon_t:s0 Target Context system_u:object_r:nvme_device_t:s0 Target Objects /dev/nvme0 [ chr_file ] Source smartd Source Path smartd Port <Unbekannt> Host (removed) Source RPM Packages
Target RPM Packages
SELinux Policy RPM selinux-policy-targeted-3.14.6-39.fc33.noarch Local Policy RPM smartmontools-selinux-7.2-9.fc33.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 5.13.9-100.fc33.x86_64 #1 SMP Mon Aug 9 12:04:50 UTC 2021 x86_64 x86_64 Alert Count 5 First Seen 2021-08-18 18:21:40 CEST Last Seen 2021-08-19 12:38:12 CEST Local ID 017c8780-b33a-44e1-a91a-f3796dff268f

Raw Audit Messages type=AVC msg=audit(1629369492.549:154347): avc: denied { open } for pid=576249 comm="smartd" path="/dev/nvme0" dev="devtmpfs" ino=328 scontext=system_u:system_r:fsdaemon_t:s0 tcontext=system_u:object_r:nvme_device_t:s0 tclass=chr_file permissive=0

What @mandree said: while the update is functional, it doesn’t resolve the SELinux issues. If I update to smartmontools-selinux-7.2-9.fc33, and then disable my custom smartmon-bz1990463 SELinux module, the same avc denials return.

This update eliminated the selinux bug. Thank you.

smartmontools-7.2-10.fc33 seems to fare better for me on F33. No more setroubleshooter notifications on systemctl restart smartd