From: pebenito@ieee.org (Chris PeBenito)
Date: Sat, 13 Aug 2016 09:55:33 -0400
Subject: [refpolicy] [PATCH v2] Update the rtkit module
In-Reply-To: <1471094802.21480.11.camel@trentalancia.net>
References: <1470788169.2788.0.camel@trentalancia.net>
	<1471094802.21480.11.camel@trentalancia.net>
Message-ID: <463a22ee-ca41-a0a6-2357-3184b9d58917@ieee.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 08/13/16 09:26, Guido Trentalancia wrote:
> Update the rtkit daemon module so that the daemon can be started.
>
> Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
> ---
>  policy/modules/contrib/rtkit.te |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> --- refpolicy-git-06082016-orig/policy/modules/contrib/rtkit.te	2016-08-06 21:27:11.420095090 +0200
> +++ refpolicy-git-06082016/policy/modules/contrib/rtkit.te	2016-08-13 15:06:37.239716395 +0200
> @@ -20,7 +20,7 @@ init_unit_file(rtkit_daemon_unit_t)
>  # Local policy
>  #
>
> -allow rtkit_daemon_t self:capability { dac_read_search setuid sys_chroot setgid sys_nice sys_ptrace };
> +allow rtkit_daemon_t self:capability { dac_read_search setgid setpcap setuid sys_chroot sys_nice sys_ptrace };
>  allow rtkit_daemon_t self:process { setsched getcap setcap setrlimit };
>
>  kernel_read_system_state(rtkit_daemon_t)

Merged.

-- 
Chris PeBenito