Add comments about new capabilities for syslogd_t.

2013-11-13 09:26:38 -05:00 · 2013-11-13 09:26:38 -05:00 · 9fcc6fe625
parent b00d94fb72
commit 9fcc6fe625
1 changed files with 1 additions and 0 deletions
--- a/policy/modules/system/logging.te
+++ b/policy/modules/system/logging.te
@ -361,6 +361,7 @@ dontaudit syslogd_t self:capability sys_tty_config;
 # setrlimit for syslog-ng
 # getsched for syslog-ng
 # setsched for rsyslog
+# getcap/setcap for syslog-ng
 allow syslogd_t self:process { getcap setcap signal_perms setpgid setrlimit getsched setsched };
 # receive messages to be logged
 allow syslogd_t self:unix_dgram_socket create_socket_perms;