The first rule looks OK; the second one makes me wonder why NetworkManager is using 'gdb' in the first place and secondly why it *should* write to "./rpm" (RPM configuration stuff, referred to as being part of the rpm_var_lib "domain"). A workaround could be to make a local SELinux policy:
Code:
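# Build a local module from the logged denials; -M writes localpolicy.te and localpolicy.pp
( cat /var/log/audit/audit.log; cat /var/log/messages ) | audit2allow -M localpolicy
# Compile and package the .te by hand (this rebuilds the same localpolicy.pp)
checkmodule -M -m -o localpolicy.mod localpolicy.te
semodule_package -o localpolicy.pp -m localpolicy.mod
# Install the package from the current directory, where it was written
semodule -i localpolicy.pp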
but you might want to first check the Fedora site for SELinux differences between this approach and how it should be done with F9. The same site should show a link to the Fedora bug tracker (bugzilla.redhat.com?).
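An added example, not part of the original post: piping the whole audit log into audit2allow permits every denial it contains, including ones like the gdb write questioned above, so this sketch summarises the denials for review and passes on only a chosen source/target pair. The function names and the log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: review AVC denials before turning them into local policy.
# The log lines below are constructed samples, not taken from the thread.

sample_log() {
cat <<'EOF'
type=AVC msg=audit(1215000000.101:51): avc:  denied  { read } for  pid=2100 comm="NetworkManager" name="resolv.conf" dev=dm-0 ino=1201 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
type=SYSCALL msg=audit(1215000000.101:51): arch=40000003 syscall=5 success=no exit=-13 comm="NetworkManager"
type=AVC msg=audit(1215000000.202:52): avc:  denied  { write } for  pid=2144 comm="gdb" name="rpm" dev=dm-0 ino=4402 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=dir
type=AVC msg=audit(1215000000.303:53): avc:  denied  { write } for  pid=2150 comm="gdb" name="rpm" dev=dm-0 ino=4402 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=dir
EOF
}

# Print one line per distinct denial: count, comm, source type -> target type:class { perms }
avc_summary() {
    awk '
    /avc: +denied/ {
        perms = ""; src = ""; tgt = ""; cls = ""; comm = ""
        # The denied permissions sit between the braces
        if (match($0, /[{][^}]*[}]/)) {
            perms = substr($0, RSTART + 1, RLENGTH - 2)
            gsub(/^ +| +$/, "", perms)
        }
        for (i = 1; i <= NF; i++) {
            # Contexts are user:role:type:level, so the type is the third part
            if ($i ~ /^scontext=/)      { split($i, a, ":"); src = a[3] }
            else if ($i ~ /^tcontext=/) { split($i, a, ":"); tgt = a[3] }
            else if ($i ~ /^tclass=/)   { cls = substr($i, 8) }
            else if ($i ~ /^comm=/)     { comm = substr($i, 6); gsub(/"/, "", comm) }
        }
        count[comm " " src " -> " tgt ":" cls " { " perms " }"]++
    }
    END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort
}

# Keep only the raw denials for one source type ($1) and one target type ($2)
avc_select() {
    grep -E 'avc: +denied' \
        | grep -E "scontext=[^ ]*:$1:" \
        | grep -E "tcontext=[^ ]*:$2:"
}

# Review first, then feed only the accepted pair to audit2allow, e.g.:
#   avc_select NetworkManager_t etc_t < /var/log/audit/audit.log | audit2allow -M localpolicy
sample_log | avc_summary
```
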