From 2799beef9e73c2aac9614e6a69ec3f02b91fb7f0 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Tue, 20 Dec 2011 16:54:35 +0000
Subject: [PATCH] sssd now needs sys_admin

---
 policy/modules/services/sssd.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/policy/modules/services/sssd.te b/policy/modules/services/sssd.te
index eb8979db..b6989947 100644
--- a/policy/modules/services/sssd.te
+++ b/policy/modules/services/sssd.te
@@ -30,7 +30,7 @@ files_pid_file(sssd_var_run_t)
 # sssd local policy
 #
 
-allow sssd_t self:capability { chown dac_read_search dac_override kill net_admin sys_nice setgid setuid };
+allow sssd_t self:capability { chown dac_read_search dac_override kill net_admin sys_nice setgid setuid sys_admin };
 allow sssd_t self:process { setfscreate setsched sigkill signal getsched };
 allow sssd_t self:fifo_file rw_fifo_file_perms;
 allow sssd_t self:key manage_key_perms;
-- 
2.47.3