SELinux is preventing /opt/google/chrome/chrome from write access on the directory /home/rick/.sage.
***** Plugin catchall (100. confidence) suggests ***************************
If you believe that chrome should be allowed write access on the .sage directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep chrome /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
Additional Information:
Source Context unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c
0.c1023
Target Context unconfined_u:object_r:user_home_t:s0
Target Objects /home/rick/.sage [ dir ]
Source chrome
Source Path /opt/google/chrome/chrome
Port <Unknown>
Source RPM Packages google-chrome-stable-28.0.1500.71-209842.i386
Target RPM Packages
Policy RPM selinux-policy-3.10.0-170.fc17.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Sun Jul 14 01:34:14 UTC 2013 i686 i686
Alert Count 1
First Seen 2013-07-30 13:17:57 EDT
Last Seen 2013-07-30 13:17:57 EDT
Local ID d984be81-6864-452c-974b-4cecba51149b
Raw Audit Messages
type=AVC msg=audit(1375204677.41:5388): avc: denied { write } for pid=12239 comm="chrome" name=".sage" dev="dm-2" ino=3802163 scontext=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir
type=SYSCALL msg=audit(1375204677.41:5388): arch=i386 syscall=open success=no exit=EACCES a0=b7eb6a5c a1=8441 a2=1b6 a3=b7edeb00 items=0 ppid=0 pid=12239 auid=1001 uid=1001 gid=1001 euid=1001 suid=1001 fsuid=1001 egid=1001 sgid=1001 fsgid=1001 ses=694 tty=pts1 comm=chrome exe=/opt/google/chrome/chrome subj=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 key=(null)
Hash: chrome,chrome_sandbox_t,user_home_t,dir,write
audit2allow
#============= chrome_sandbox_t ==============
#!!!! The source type 'chrome_sandbox_t' can write to a 'dir' of the following types:
# home_cert_t, user_home_dir_t, cgroup_t, tmpfs_t, tmp_t, user_fonts_cache_t, chrome_sandbox_tmpfs_t, chrome_sandbox_tmp_t
allow chrome_sandbox_t user_home_t:dir write;
audit2allow -R
#============= chrome_sandbox_t ==============
#!!!! The source type 'chrome_sandbox_t' can write to a 'dir' of the following types:
# home_cert_t, user_home_dir_t, cgroup_t, tmpfs_t, tmp_t, user_fonts_cache_t, chrome_sandbox_tmpfs_t, chrome_sandbox_tmp_t
allow chrome_sandbox_t user_home_t:dir write;
["Details" End]