Description of problem: gpg-agent seems to want to create the file ~/.cache/gpg-agent-info upon login: type=AVC msg=audit(1359076396.23:356): avc: denied { write } for pid=1681 comm="gpg-agent" name=".cache" dev="dm-1" ino=266 scontext=staff_u:staff_r:gpg_agent_t:s0-s0:c0.c1023 tcontext=staff_u:object_r:cache_home_t:s0 tclass=dir type=AVC msg=audit(1359076396.23:356): avc: denied { add_name } for pid=1681 comm="gpg-agent" name="gpg-agent-info" scontext=staff_u:staff_r:gpg_agent_t:s0-s0:c0.c1023 tcontext=staff_u:object_r:cache_home_t:s0 tclass=dir type=AVC msg=audit(1359076396.23:356): avc: denied { create } for pid=1681 comm="gpg-agent" name="gpg-agent-info" scontext=staff_u:staff_r:gpg_agent_t:s0-s0:c0.c1023 tcontext=staff_u:object_r:cache_home_t:s0 tclass=file type=AVC msg=audit(1359076396.23:356): avc: denied { write open } for pid=1681 comm="gpg-agent" path="/home/gholms/.cache/gpg-agent-info" dev="dm-1" ino=15084 scontext=staff_u:staff_r:gpg_agent_t:s0-s0:c0.c1023 tcontext=staff_u:object_r:cache_home_t:s0 tclass=file type=SYSCALL msg=audit(1359076396.23:356): arch=x86_64 syscall=open success=yes exit=ESRCH a0=7fff5538ea91 a1=241 a2=1b6 a3=238 items=0 ppid=1679 pid=1681 auid=1000 uid=1000 gid=100 euid=1000 suid=1000 fsuid=1000 egid=100 sgid=100 fsgid=100 ses=3 tty=(none) comm=gpg-agent exe=/usr/bin/gpg-agent subj=staff_u:staff_r:gpg_agent_t:s0-s0:c0.c1023 key=(null) type=AVC msg=audit(1359076396.24:357): avc: denied { getattr } for pid=1681 comm="gpg-agent" path="/home/gholms/.cache/gpg-agent-info" dev="dm-1" ino=15084 scontext=staff_u:staff_r:gpg_agent_t:s0-s0:c0.c1023 tcontext=staff_u:object_r:cache_home_t:s0 tclass=file type=SYSCALL msg=audit(1359076396.24:357): arch=x86_64 syscall=fstat success=yes exit=0 a0=3 a1=7fff5538d970 a2=7fff5538d970 a3=7fff5538d840 items=0 ppid=1679 pid=1681 auid=1000 uid=1000 gid=100 euid=1000 suid=1000 fsuid=1000 egid=100 sgid=100 fsgid=100 ses=3 tty=(none) comm=gpg-agent exe=/usr/bin/gpg-agent subj=staff_u:staff_r:gpg_agent_t:s0-s0:c0.c1023 key=(null) Version-Release number of selected component (if applicable): gnupg2-2.0.19-7.fc18.x86_64 selinux-policy-3.11.1-71.fc18.noarch
Fixed in selinux-policy-3.11.1-74.fc18.noarch
selinux-policy-3.11.1-74.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/selinux-policy-3.11.1-74.fc18
Package selinux-policy-3.11.1-74.fc18: * should fix your issue, * was pushed to the Fedora 18 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.11.1-74.fc18' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-1693/selinux-policy-3.11.1-74.fc18 then log in and leave karma (feedback).
selinux-policy-3.11.1-74.fc18 fixes some of them, but not all: type=AVC msg=audit(1360014098.980:335): avc: denied { write } for pid=1494 comm="gpg-agent" name="gpg-agent-info" dev="dm-1" ino=15084 scontext=staff_u:staff_r:gpg_agent_t:s0-s0:c0.c1023 tcontext=staff_u:object_r:cache_home_t:s0 tclass=file type=AVC msg=audit(1360014098.980:335): avc: denied { open } for pid=1494 comm="gpg-agent" path="/home/gholms/.cache/gpg-agent-info" dev="dm-1" ino=15084 scontext=staff_u:staff_r:gpg_agent_t:s0-s0:c0.c1023 tcontext=staff_u:object_r:cache_home_t:s0 tclass=file type=SYSCALL msg=audit(1360014098.980:335): arch=x86_64 syscall=open success=yes exit=ESRCH a0=7fffc0347a93 a1=241 a2=1b6 a3=238 items=0 ppid=1492 pid=1494 auid=1000 uid=1000 gid=100 euid=1000 suid=1000 fsuid=1000 egid=100 sgid=100 fsgid=100 ses=2 tty=(none) comm=gpg-agent exe=/usr/bin/gpg-agent subj=staff_u:staff_r:gpg_agent_t:s0-s0:c0.c1023 key=(null) type=AVC msg=audit(1360014099.9:336): avc: denied { getattr } for pid=1494 comm="gpg-agent" path="/home/gholms/.cache/gpg-agent-info" dev="dm-1" ino=15084 scontext=staff_u:staff_r:gpg_agent_t:s0-s0:c0.c1023 tcontext=staff_u:object_r:cache_home_t:s0 tclass=file type=SYSCALL msg=audit(1360014099.9:336): arch=x86_64 syscall=fstat success=yes exit=0 a0=3 a1=7fffc0345ca0 a2=7fffc0345ca0 a3=238 items=0 ppid=1492 pid=1494 auid=1000 uid=1000 gid=100 euid=1000 suid=1000 fsuid=1000 egid=100 sgid=100 fsgid=100 ses=2 tty=(none) comm=gpg-agent exe=/usr/bin/gpg-agent subj=staff_u:staff_r:gpg_agent_t:s0-s0:c0.c1023 key=(null)
Sorry; disregard that. Apparently deleting things from seapplet's list doesn't prevent it from going back and re-adding them, even for events that happened a week ago. ausearch it is!
selinux-policy-3.11.1-74.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.