Allow virt_lxc_t signal_perms

author Dan Walsh <dwalsh@redhat.com>

Fri, 15 Jul 2011 14:24:27 +0000 (10:24 -0400)

committer Dan Walsh <dwalsh@redhat.com>

Fri, 15 Jul 2011 14:24:27 +0000 (10:24 -0400)
author Dan Walsh <dwalsh@redhat.com>
Fri, 15 Jul 2011 14:24:27 +0000 (10:24 -0400)
committer Dan Walsh <dwalsh@redhat.com>
Fri, 15 Jul 2011 14:24:27 +0000 (10:24 -0400)
diff --git a/policy/modules/services/virt.te b/policy/modules/services/virt.te

index 14304d1c3310d0d26ce8546193e5644bb7d0a80b..7030be4bfd39d50cfba99b4a461fdc49d5f43625 100644 (file)
--- a/policy/modules/services/virt.te
+++ b/policy/modules/services/virt.te
@@ -732,7 +732,7 @@ optional_policy(`
  # virt_lxc local policy
  #
  allow virt_lxc_t self:capability { net_admin setpcap chown sys_admin };
-allow virt_lxc_t self:process { setsched getcap setcap };
+allow virt_lxc_t self:process { setsched getcap setcap signal_perms };
  allow virt_lxc_t self:fifo_file rw_fifo_file_perms;
  allow virt_lxc_t self:netlink_route_socket rw_netlink_socket_perms;
  allow virt_lxc_t self:unix_stream_socket create_stream_socket_perms;
author	Dan Walsh <dwalsh@redhat.com>
	Fri, 15 Jul 2011 14:24:27 +0000 (10:24 -0400)
committer	Dan Walsh <dwalsh@redhat.com>
	Fri, 15 Jul 2011 14:24:27 +0000 (10:24 -0400)