Enforcing: Mar 12 20:39:50 lain kernel: [ 1687.335751] type=1400 audit(1363117190.389:122): avc: denied { search } for pid=4390 comm="irssi" name="ca-certificates" dev="dm-0" ino=12191671 scontext=staff_u:staff_r:irc_t tcontext=system_u:object_r:cert_t tclass=dir Permissive: Mar 12 20:29:35 lain kernel: [ 1073.410874] type=1400 audit(1363116575.245:97): avc: denied { search } for pid=2801 comm="irssi" name="ca-certificates" dev="dm-0" ino=12191671 scontext=staff_u:staff_r:irc_t tcontext=system_u:object_r:cert_t tclass=dir Mar 12 20:29:35 lain kernel: [ 1073.434008] type=1400 audit(1363116575.268:98): avc: denied { getattr } for pid=2801 comm="irssi" path="/usr/share/ca-certificates/mozilla/UTN_USERFirst_Hardware_Root_CA.crt" dev="dm-0" ino=6558932 scontext=staff_u:staff_r:irc_t tcontext=system_u:object_r:cert_t tclass=file Mar 12 20:29:35 lain kernel: [ 1073.434048] type=1400 audit(1363116575.268:99): avc: denied { read } for pid=2801 comm="irssi" name="UTN_USERFirst_Hardware_Root_CA.crt" dev="dm-0" ino=6558932 scontext=staff_u:staff_r:irc_t tcontext=system_u:object_r:cert_t tclass=file Mar 12 20:29:35 lain kernel: [ 1073.434063] type=1400 audit(1363116575.268:100): avc: denied { open } for pid=2801 comm="irssi" path="/usr/share/ca-certificates/mozilla/UTN_USERFirst_Hardware_Root_CA.crt" dev="dm-0" ino=6558932 scontext=staff_u:staff_r:irc_t tcontext=system_u:object_r:cert_t tclass=file Reproducible: Always
In repo, will be in r13
repo commit c0130ed
In main tree, ~arch'ed (20130424-r1 release)
Now stable in repo