Custom systemd service ExecStart fails with AVC denials

Solution Verified - Updated -


  • When a systemd unit file attempts to run ExecStart for an executable in a user's home directory it fails with an AVC denial similar to the following:
type=AVC msg=audit(07/24/2020 10:40:46.402:762) : avc:  denied  { execute } for  pid=5221 comm=( dev="dm-0" ino=8424005 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:object_r:home_bin_t:s0 tclass=file permissive=0


  • Red Hat Enterprise 8

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content