This is often caused because root is trying to write to a directory or file that it doesn’t have write access to. Eg, root tries to write to a dir that is 0755 and owned by foo:bar. Unconfined root runs with CAP_DAC_OVERRIDE which allows it to write to it. Assuming the problem is what I described, you need to take a look at what the application is doing and either adjust the directory/file permissions or adjust the code in some manner to not trigger this. Also, depending on how the program is written, dac_override may be non-fatal. See man 7 capabilities for details.
1 Like