ssh: Debian sshd is configured to use capabilities

Signed-off-by: Dominick Grift <dominick.grift@gmail.com>

policy/modules/services/ssh.te

@@ -245,6 +245,10 @@ term_relabelto_all_ptys(sshd_t)
 corenet_tcp_bind_xserver_port(sshd_t)
 corenet_sendrecv_xserver_server_packets(sshd_t)
 
+ifdef(`distro_debian',`
+	allow sshd_t self:process { getcap setcap };
+')
+
 tunable_policy(`ssh_sysadm_login',`
 	# Relabel and access ptys created by sshd
 	# ioctl is necessary for logout() processing for utmp entry and for w to