Personal Keyring keeps adding an expired MS cert

You can monitor access to the file with audit like this:

FILE="${HOME}/.local/share/keyrings/user.keystore"
sudo dnf -y install audit
sudo systemctl start auditd.service
sudo tee /etc/audit/rules.d/custom.rules << EOF > /dev/null
-d never,task
-w ${FILE} -k ${FILE##*/}
EOF
sudo augenrules --check
sudo augenrules --load
touch ${FILE}
journalctl --no-pager -b -g ${FILE##*/} _TRANSPORT=audit

But that file is not supposed to be accessed directly.
It should be managed by gnome-keyring-daemon accepting requests from other apps over RPC/dbus.

To be fair, this is not really a Fedora specific issue, so you’d best ask the GNOME devs:

1 Like