Description of problem:
When i put some entries into /etc/security/sepermit.conf it causes gnome-screensaver to not be able to lock the screen ( in SELinux enforcing mode )

If i put the system in permissive mode, then gnome-screensaver is able to lock the screen but is not able to unlock the screen.

Version-Release number of selected component (if applicable):
pam-1.1.0-5.fc12.x86_64
gnome-screensaver-2.28.0-1.fc12.x86_64

How reproducible:
Add some entries to /etc/security/sepermit.conf:

# cat /etc/security/sepermit.conf

# /etc/security/sepermit.conf
#
# Each line contains either:
#        - an user name
#        - a group name, with @group syntax
#        - a SELinux user name, with %seuser syntax
# Each line can contain optional arguments separated by :
# The possible arguments are:
#        - exclusive - only single login session will
#          be allowed for the user and the user's processes
#          will be killed on logout
%root
%guest_u
%xguest_u
%user_u
%staff_u
%sysadm_u
%unconfined_u

Next, from a Gnome desktop session lock the screen.
The screen will dim. Press the space bar and the screen will return to the desktop.

Note that gnome-screensaver did not lock the screen.

Next comment the entries in /etc/security/sepermit.conf or remove them.
From a Gnome desktop session lock the screen.
The screen will dim. Press the space bar and a password dialog prompts for the password of the user that is currently logged in. 
Enter the user password to unlock the screen. 

Steps to Reproduce:
1. echo %user_u >> /etc/security/sepermit.conf
2. 'lock screen'
3. 'unlock screen' 

Actual results:
If you configure pam_sepermit e.g. add entries to the sepermit.config file, the screen does not lock (in selinux enforcing mode)

Expected results:

The screensaver should lock the screen even if there are entries in sepermit.conf.


Additional info: