auditd / auditctl: fix audits

policy/modules/system/logging.te

@@ -100,6 +100,7 @@ ifdef(`enable_mls',`
 #
 
 allow auditctl_t self:capability { fsetid dac_read_search dac_override };
+allow auditctl_t self:process getcap;
 allow auditctl_t self:netlink_audit_socket nlmsg_readpriv;
 
 read_files_pattern(auditctl_t, auditd_etc_t, auditd_etc_t)
@@ -149,6 +150,7 @@ allow auditd_t auditd_etc_t:dir list_dir_perms;
 allow auditd_t auditd_etc_t:file read_file_perms;
 
 manage_files_pattern(auditd_t, auditd_log_t, auditd_log_t)
+allow auditd_t auditd_log_t:dir setattr;
 manage_lnk_files_pattern(auditd_t, auditd_log_t, auditd_log_t)
 allow auditd_t var_log_t:dir search_dir_perms;