Hide Forgot
Created attachment 498492 [details] output of ausearch -m AVC |grep keyring Description of problem: When starting gnome-keyring-daemon I get this error $ /usr/bin/gnome-keyring-daemon gnome-keyring-daemon: error dropping process capabilities, aborting bradford:~ $ When looking at ausearch I get attached list of errors, but audit2allow boils it down to allow staff_gkeyringd_t self:process setcap; Version-Release number of selected component (if applicable): gnome-keyring-3.0.1-2.fc15.x86_64 selinux-policy-3.9.16-23.fc15.noarch How reproducible: 100% Steps to Reproduce: 1.start Gnome session 2. 3. Actual results: no gnome-keyring Expected results: There should be one, otherwise I am very very sad Additional info: With the audit2allow generated module gnome-keyring-daemon starts up.
This is caused by two patches I pushed to gnome-keyring-3.0.1-2.fc15: https://bugzilla.gnome.org/show_bug.cgi?id=649560 First we drop all caps and then set only IPC_LOCK. This fails due to SELinux policy restrictions.
Oh, just noticed, scontext=staff_u:staff_r:staff_gkeyringd_t As long as the package update is submitted for F15, it won't affect many people.
Since this version of Fedora is no longer supported I am closing this bugs. If you are still seeing this bug in a current version of fedora, please reopen the bugzilla with the appropriate version number.