From: dominick.grift@gmail.com (grift)
Date: Mon, 17 Dec 2012 21:40:57 +0100
Subject: [refpolicy] [PATCH 5/9] Allow pcscd the fsetid capability
In-Reply-To: <1355774297-13606-5-git-send-email-bigon@debian.org>
References: <1355774297-13606-1-git-send-email-bigon@debian.org>
	<1355774297-13606-5-git-send-email-bigon@debian.org>
Message-ID: <1355776857.2269.17.camel@localhost>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Mon, 2012-12-17 at 20:58 +0100, Laurent Bigonville wrote:
> From: Laurent Bigonville <bigon@bigon.be>

This was merged, thanks

> ---
>  pcscd.te |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/pcscd.te b/pcscd.te
> index b7b82ab..5e44a7b 100644
> --- a/pcscd.te
> +++ b/pcscd.te
> @@ -21,7 +21,7 @@ init_daemon_run_dir(pcscd_var_run_t, "pcscd")
>  # Local policy
>  #
>  
> -allow pcscd_t self:capability { dac_override dac_read_search };
> +allow pcscd_t self:capability { dac_override dac_read_search fsetid };
>  allow pcscd_t self:process signal;
>  allow pcscd_t self:fifo_file rw_fifo_file_perms;
>  allow pcscd_t self:unix_stream_socket { accept listen };