Description of problem: remove unconfined. log in a staff_u Additional info: libreport version: 2.0.17 kernel: 3.6.3-3.fc18.x86_64 description: :SELinux is preventing /usr/bin/gnome-keyring-daemon from 'read' accesses on the directory /home/eparis/.local/share/keyrings. : :***** Plugin catchall (100. confidence) suggests *************************** : :If you believe that gnome-keyring-daemon should be allowed read access on the keyrings directory by default. :Then you should report this as a bug. :You can generate a local policy module to allow this access. :Do :allow this access for now by executing: :# grep gnome-keyring-d /var/log/audit/audit.log | audit2allow -M mypol :# semodule -i mypol.pp : :Additional Information: :Source Context staff_u:staff_r:staff_gkeyringd_t:s0-s0:c0.c1023 :Target Context staff_u:object_r:data_home_t:s0 :Target Objects /home/eparis/.local/share/keyrings [ dir ] :Source gnome-keyring-d :Source Path /usr/bin/gnome-keyring-daemon :Port <Unknown> :Host (removed) :Source RPM Packages gnome-keyring-3.6.1-1.fc18.x86_64 :Target RPM Packages :Policy RPM selinux-policy-3.11.1-46.fc18.noarch :Selinux Enabled True :Policy Type targeted :Enforcing Mode Enforcing :Host Name (removed) :Platform Linux (removed) 3.6.3-3.fc18.x86_64 #1 SMP Tue Oct : 23 14:55:06 UTC 2012 x86_64 x86_64 :Alert Count 1 :First Seen 2012-10-27 15:28:03 EDT :Last Seen 2012-10-27 15:28:03 EDT :Local ID 3c640e47-bc43-4f10-972a-3fc62c01ac42 : :Raw Audit Messages :type=AVC msg=audit(1351366083.81:307): avc: denied { read } for pid=1469 comm="gnome-keyring-d" name="keyrings" dev="dm-0" ino=288 scontext=staff_u:staff_r:staff_gkeyringd_t:s0-s0:c0.c1023 tcontext=staff_u:object_r:data_home_t:s0 tclass=dir : : :type=SYSCALL msg=audit(1351366083.81:307): arch=x86_64 syscall=openat success=no exit=EACCES a0=ffffffffffffff9c a1=107d0b0 a2=90800 a3=0 items=1 ppid=1 pid=1469 auid=4166 uid=4166 gid=4166 euid=4166 suid=4166 fsuid=4166 egid=4166 sgid=4166 fsgid=4166 tty=(none) ses=2 comm=gnome-keyring-d exe=/usr/bin/gnome-keyring-daemon subj=staff_u:staff_r:staff_gkeyringd_t:s0-s0:c0.c1023 key=(null) : :type=CWD msg=audit(1351366083.81:307): cwd=/var/gdm : :type=PATH msg=audit(1351366083.81:307): item=0 name=/home/eparis/.local/share/keyrings inode=288 dev=00:20 mode=040700 ouid=4166 ogid=4166 rdev=00:00 obj=staff_u:object_r:data_home_t:s0 : :Hash: gnome-keyring-d,staff_gkeyringd_t,data_home_t,dir,read : :audit2allow : :#============= staff_gkeyringd_t ============== :allow staff_gkeyringd_t data_home_t:dir read; : :audit2allow -R : :#============= staff_gkeyringd_t ============== :allow staff_gkeyringd_t data_home_t:dir read; :
Created attachment 634323 [details] File: type
Created attachment 634324 [details] File: hashmarkername
Fixed in selinux-policy-3.11.1-47.fc18
selinux-policy-3.11.1-50.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/selinux-policy-3.11.1-50.fc18
Package selinux-policy-3.11.1-50.fc18: * should fix your issue, * was pushed to the Fedora 18 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.11.1-50.fc18' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-17705/selinux-policy-3.11.1-50.fc18 then log in and leave karma (feedback).
selinux-policy-3.11.1-50.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.