>From b39252acdfd9a5c91eb15fe73c1a37d7eec930ad Mon Sep 17 00:00:00 2001 From: Serge E. Hallyn <serue@xxxxxxxxxx> Date: Thu, 10 Jan 2008 10:27:09 -0600 Subject: [PATCH 1/1] add setfcap to list of capabilities The setfcap capability is needed to be allowed to assign file capabilities. Define the capability in access_vectors. Of course I'll need to go through the modules and actually assign the capability to those where it makes sense, i.e. presumably admin/rpm.te... Signed-off-by: Serge E. Hallyn <serue@xxxxxxxxxx> --- policy/flask/access_vectors | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/policy/flask/access_vectors b/policy/flask/access_vectors index c986778..45d9773 100644 --- a/policy/flask/access_vectors +++ b/policy/flask/access_vectors @@ -381,6 +381,7 @@ class capability lease audit_write audit_control + setfcap } -- 1.5.3.7 -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
