From: Dan Walsh <dwalsh@redhat.com>
Date: Thu, 17 Nov 2011 21:31:16 +0000 (-0500)
Subject: Mount usinging the curlftpfs will require sys_nice and setsched
X-Git-Tag: 000~99
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=633cf006ced401e3b2c6e8dc2af7f32564b585ce;p=people%2Fstevee%2Fselinux-policy.git

Mount usinging the curlftpfs will require sys_nice and setsched
---

diff --git a/policy/modules/system/mount.te b/policy/modules/system/mount.te
index f1121f7c..b06d0482 100644
--- a/policy/modules/system/mount.te
+++ b/policy/modules/system/mount.te
@@ -47,8 +47,8 @@ role system_r types showmount_t;
 #
 
 # setuid/setgid needed to mount cifs 
-allow mount_t self:capability { fsetid fowner ipc_lock setpcap sys_rawio sys_resource sys_admin dac_override dac_read_search chown sys_tty_config setuid setgid };
-allow mount_t self:process { getcap getsched setcap setrlimit signal };
+allow mount_t self:capability { fsetid fowner ipc_lock setpcap sys_rawio sys_resource sys_admin dac_override dac_read_search chown sys_tty_config setuid setgid sys_nice };
+allow mount_t self:process { getcap getsched setsched setcap setrlimit signal };
 tunable_policy(`deny_ptrace',`',`
 	allow mount_t self:process ptrace;
 ')