hostname: small adjustments

* reorder process - capabilities statements
* remove unsighted debian block

policy/modules/system/hostname.te

@@ -15,9 +15,9 @@ role system_r types hostname_t;
 # Local policy
 #
 
-# for setting the hostname
-allow hostname_t self:process { sigchld sigkill sigstop signull signal };
+# sys_admin : for setting the hostname
 allow hostname_t self:capability sys_admin;
+allow hostname_t self:process { sigchld sigkill sigstop signull signal };
 allow hostname_t self:unix_stream_socket create_stream_socket_perms;
 dontaudit hostname_t self:capability sys_tty_config;
 
@@ -56,10 +56,6 @@ sysnet_dontaudit_rw_dhcpc_unix_stream_sockets(hostname_t)
 sysnet_read_config(hostname_t)
 sysnet_dns_name_resolve(hostname_t)
 
-ifdef(`distro_debian',`
-	term_dontaudit_use_unallocated_ttys(hostname_t)
-')
-
 optional_policy(`
 	nis_use_ypbind(hostname_t)
 ')