Bug 360482

Summary: Importing an OpenVPN configuration with embedded certificates yields a defect connection due to SELinux
Product: [Applications] systemsettings
Reporter: Martin Höher <martin>
Component: kcm_networkmanagement
Assignee: Lukáš Tinkl <lukas>
Status: RESOLVED UPSTREAM
Severity: minor
CC: jgrulich, jreznik, rdieter
Priority: NOR
Version First Reported In: unspecified
Target Milestone: ---
Platform: Fedora RPMs
OS: Linux
Latest Commit:
Version Fixed/Implemented In:
Sentry Crash Report:

Description Martin Höher 2016-03-13 16:42:43 UTC
I tried to import an OpenVPN configuration file with embedded certificates (via File -> Import VPN...). The configuration is correctly imported. When being asked whether to copy the embedded certificates, I answered yes. In my case, I had to edit the newly created connection to enter my personal OpenVPN user name and password.

When trying to connect to the VPN, the connection fails. This is because the imported certificates in $HOME/.local/share/networkmanagement/certificates/$VPN_CON_NAME have an incorrect SELinux context:

$ ls -lZ
-rw-rw-r--. 1 martin martin unconfined_u:object_r:data_home_t:s0 2317 Mär 13 17:02 ca.crt                                                                                    
-rw-rw-r--. 1 martin martin unconfined_u:object_r:data_home_t:s0  602 Mär 13 17:02 tls_auth.key

When I run `restorecon *` in that directory, the type context of the files gets changed:

$ ls -lZ
-rw-rw-r--. 1 martin martin unconfined_u:object_r:home_cert_t:s0 2317 Mär 13 17:02 ca.crt 
-rw-rw-r--. 1 martin martin unconfined_u:object_r:home_cert_t:s0  602 Mär 13 17:02 tls_auth.key

Now, connecting to the VPN works as expected.

I think the import process should automatically set the correct SELinux context when opening the configuration.

Reproducible: Always

Steps to Reproduce:
1. In the connection editor, use File -> Import VPN...
2. When being asked whether to copy the embedded certificates, answer "Yes".
3. If required, edit the newly created connection to e.g. provide your VPN user name and password.
4. Try to connect.

Actual Results:  
The connection fails.

Expected Results:  
The connection should be properly established.
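
A check for the mislabeling described in this report, as an added example that is not part of the original report or of the project's code: it reads `ls -lZ` output and lists every file whose SELinux type is not the expected one. The function names `mislabeled_files` and `audit_cert_dir` are hypothetical, the expected type `home_cert_t` is taken from the listing after `restorecon`, and file names are assumed to contain no spaces.

```shell
#!/bin/sh
# Added example, not code from the bug report or from plasma-nm.

# mislabeled_files EXPECTED_TYPE
# Reads `ls -lZ` lines on stdin and prints "file<TAB>type" for every entry
# whose SELinux type differs from EXPECTED_TYPE.
mislabeled_files() {
    awk -v want="$1" '
    {
        for (i = 1; i <= NF; i++) {
            # The context is the only field shaped like user:role:type:level
            # (the time field "17:02" splits into two parts only).
            if (split($i, ctx, ":") >= 4) {
                if (ctx[3] != want) { printf "%s\t%s\n", $NF, ctx[3] }
                break
            }
        }
    }'
}

# audit_cert_dir DIR [EXPECTED_TYPE]   (hypothetical helper)
# Runs the check on a live directory; returns 1 if any file is mislabeled.
# Lines without a context (e.g. "total 8", or "?" on a system without
# SELinux) are skipped, so an empty result there does not prove correct labels.
audit_cert_dir() {
    bad=$(ls -lZ -- "$1" | mislabeled_files "${2:-home_cert_t}")
    [ -z "$bad" ] && return 0
    printf '%s\n' "$bad"
    return 1
}

# Constructed sample input: the two listings quoted in the report,
# before and after running restorecon.
SAMPLE_BEFORE='-rw-rw-r--. 1 martin martin unconfined_u:object_r:data_home_t:s0 2317 Mär 13 17:02 ca.crt
-rw-rw-r--. 1 martin martin unconfined_u:object_r:data_home_t:s0  602 Mär 13 17:02 tls_auth.key'
SAMPLE_AFTER='-rw-rw-r--. 1 martin martin unconfined_u:object_r:home_cert_t:s0 2317 Mär 13 17:02 ca.crt
-rw-rw-r--. 1 martin martin unconfined_u:object_r:home_cert_t:s0  602 Mär 13 17:02 tls_auth.key'

echo "before restorecon:"
printf '%s\n' "$SAMPLE_BEFORE" | mislabeled_files home_cert_t
echo "after restorecon:"
printf '%s\n' "$SAMPLE_AFTER" | mislabeled_files home_cert_t
```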

Comment 1 Rex Dieter 2016-04-04 18:29:43 UTC
marking confirmed (affects at least several users)

Comment 2 Jan Grulich 2016-04-05 07:40:55 UTC
This is going to be fixed in selinux itself, see https://bugzilla.redhat.com/show_bug.cgi?id=1323954.

Comment 3 Jan Grulich 2016-04-06 07:19:19 UTC
Already fixed in selinux, see the reported bug above.