Description of problem: SELinux is preventing /usr/libexec/goa-daemon from 'view' accesses on the key . ***** Plugin catchall (100. confidence) suggests ************************** If you believe that goa-daemon should be allowed view access on the key by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep pool /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:unconfined_r:sandbox_web_client_t:s0: c266,c705 Target Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1 023 Target Objects [ key ] Source pool Source Path /usr/libexec/goa-daemon Port <Unknown> Host (removed) Source RPM Packages gnome-online-accounts-3.10.2-1.fc20.x86_64 Target RPM Packages Policy RPM selinux-policy-3.12.1-106.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.11.10-301.fc20.x86_64 #1 SMP Thu Dec 5 14:01:17 UTC 2013 x86_64 x86_64 Alert Count 551 First Seen 2013-12-12 19:28:12 IST Last Seen 2013-12-12 20:52:06 IST Local ID d7497635-05b8-4d45-a979-46e226e374ff Raw Audit Messages type=AVC msg=audit(1386861726.568:49793): avc: denied { view } for pid=30281 comm="pool" scontext=unconfined_u:unconfined_r:sandbox_web_client_t:s0:c266,c705 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=key type=SYSCALL msg=audit(1386861726.568:49793): arch=x86_64 syscall=keyctl success=no exit=EACCES a0=6 a1=2a28e8ce a2=0 a3=0 items=0 ppid=1 pid=30281 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 ses=1 tty=(none) comm=pool exe=/usr/libexec/goa-daemon subj=unconfined_u:unconfined_r:sandbox_web_client_t:s0:c266,c705 key=(null) Hash: pool,sandbox_web_client_t,unconfined_t,key,view Additional info: reporter: libreport-2.1.9 hashmarkername: setroubleshoot kernel: 3.11.10-301.fc20.x86_64 type: libreport
*** Bug 1041344 has been marked as a duplicate of this bug. ***
*** This bug has been marked as a duplicate of bug 1041345 ***