From 9fcc6fe625efc435fc30abf2f77358117ea5ac80 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Wed, 13 Nov 2013 09:26:38 -0500
Subject: [PATCH] Add comments about new capabilities for syslogd_t.

---
 policy/modules/system/logging.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/system/logging.te b/policy/modules/system/logging.te
index d7e857e85..43d31ac4f 100644
--- a/policy/modules/system/logging.te
+++ b/policy/modules/system/logging.te
@@ -361,6 +361,7 @@ dontaudit syslogd_t self:capability sys_tty_config;
 # setrlimit for syslog-ng
 # getsched for syslog-ng
 # setsched for rsyslog
+# getcap/setcap for syslog-ng
 allow syslogd_t self:process { getcap setcap signal_perms setpgid setrlimit getsched setsched };
 # receive messages to be logged
 allow syslogd_t self:unix_dgram_socket create_socket_perms;