Description of problem: SELinux is preventing gnome-shell from 'watch' accesses on the directory /home/james. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that gnome-shell should be allowed watch access on the james directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'gnome-shell' --raw | audit2allow -M my-gnomeshell # semodule -X 300 -i my-gnomeshell.pp Additional Information: Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:user_home_dir_t:s0 Target Objects /home/james [ dir ] Source gnome-shell Source Path gnome-shell Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-36.10-1.fc36.noarch Local Policy RPM selinux-policy-targeted-36.10-1.fc36.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 5.18.13-200.fc36.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Jul 22 14:03:36 UTC 2022 x86_64 x86_64 Alert Count 4 First Seen 2022-08-03 23:24:08 BST Last Seen 2022-08-03 23:24:19 BST Local ID 95abe3ac-2ffb-4834-83c8-bdf010f69305 Raw Audit Messages type=AVC msg=audit(1659565459.557:2171): avc: denied { watch } for pid=129930 comm="gmain" path="/home/james" dev="dm-0" ino=1583 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir permissive=0 Hash: gnome-shell,xdm_t,user_home_dir_t,dir,watch Version-Release number of selected component: selinux-policy-targeted-36.10-1.fc36.noarch Additional info: component: selinux-policy reporter: libreport-2.17.1 hashmarkername: setroubleshoot kernel: 5.18.13-200.fc36.x86_64 type: libreport Potential duplicate: bug 1963745
Similar problem has been detected: Logged into GNOME. hashmarkername: setroubleshoot kernel: 5.18.17-200.fc36.x86_64 package: selinux-policy-targeted-36.13-3.fc36.noarch reason: SELinux is preventing gnome-shell from 'watch' accesses on the directory /home/james. type: libreport
FEDORA-2022-e7d50924ec has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2022-e7d50924ec
FEDORA-2022-e7d50924ec has been pushed to the Fedora 36 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-e7d50924ec` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-e7d50924ec See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2022-e7d50924ec has been pushed to the Fedora 36 stable repository. If problem still persists, please make note of it in this bug report.