From: Dan Walsh <dwalsh@redhat.com>
Date: Tue, 20 Dec 2011 16:54:35 +0000 (+0000)
Subject: sssd now needs sys_admin
X-Git-Tag: 000~13
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2799beef9e73c2aac9614e6a69ec3f02b91fb7f0;p=people%2Fstevee%2Fselinux-policy.git

sssd now needs sys_admin
---

diff --git a/policy/modules/services/sssd.te b/policy/modules/services/sssd.te
index eb8979db..b6989947 100644
--- a/policy/modules/services/sssd.te
+++ b/policy/modules/services/sssd.te
@@ -30,7 +30,7 @@ files_pid_file(sssd_var_run_t)
 # sssd local policy
 #
 
-allow sssd_t self:capability { chown dac_read_search dac_override kill net_admin sys_nice setgid setuid };
+allow sssd_t self:capability { chown dac_read_search dac_override kill net_admin sys_nice setgid setuid sys_admin };
 allow sssd_t self:process { setfscreate setsched sigkill signal getsched };
 allow sssd_t self:fifo_file rw_fifo_file_perms;
 allow sssd_t self:key manage_key_perms;