Description of problem: gnome-keyring and SELinux don't like each other very much!! Version-Release number of selected component (if applicable):gnome-keyring-2.20.1-3.fc8 How reproducible:install gnome-keyring, logout and back in... and try and start evolution (which has passwords stored in the keyring) Steps to Reproduce: 1. 2. 3. Actual results: Summary SELinux is preventing /usr/bin/gnome-keyring-daemon (xdm_t) "ptrace" to <Unknown> (unconfined_t). Detailed Description SELinux denied access requested by /usr/bin/gnome-keyring-daemon. It is not expected that this access is required by /usr/bin/gnome-keyring-daemon and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access You can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023 Target Context system_u:system_r:unconfined_t:s0-s0:c0.c1023 Target Objects None [ process ] Affected RPM Packages gnome-keyring-2.20.1-3.fc8 [application] Policy RPM selinux-policy-3.0.8-62.fc8 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall Host Name toaster Platform Linux toaster 2.6.23.8-63.fc8 #1 SMP Wed Nov 21 17:56:40 EST 2007 x86_64 x86_64 Alert Count 1 First Seen Fri 07 Dec 2007 11:03:34 PM EST Last Seen Fri 07 Dec 2007 11:03:34 PM EST Local ID 16def22c-1856-426d-be7c-79f4c2b653f1 Line Numbers Raw Audit Messages avc: denied { ptrace } for comm=gnome-keyring-d egid=500 euid=500 exe=/usr/bin /gnome-keyring-daemon exit=18 fsgid=500 fsuid=500 gid=500 items=0 pid=5448 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 sgid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 suid=500 tclass=process tcontext=system_u:system_r:unconfined_t:s0-s0:c0.c1023 tty=(none) uid=500 Expected results: evolution running and accessing keyring without all this damn SELinux noise. Additional info: