From d5590d10227dc83e7545737b8c02f6bf0e41a334 Mon Sep 17 00:00:00 2001
From: Marcin Haba <marcin.haba@bacula.pl>
Date: Wed, 8 Jul 2015 18:46:20 +0200
Subject: [PATCH] baculum: Add audit_write SELinux capability to baculum.pp
 module

---
 gui/baculum/examples/selinux/baculum.pp | Bin 2795 -> 2986 bytes
 gui/baculum/examples/selinux/baculum.te |   2 ++
 2 files changed, 2 insertions(+)

diff --git a/gui/baculum/examples/selinux/baculum.pp b/gui/baculum/examples/selinux/baculum.pp
index b68145ea8422d985d9d857bf1ea470b1ac70ebf1..98d24d6dd2a970b38cd662ac99965a3d96144291 100644
GIT binary patch
delta 192
zcmaDYx=MUPA}cEc0|V>Ev>HZJE+7j8Kq8D#4B{sz79=KR=46&sazjNEOH(pS;>(LN
zOHwyKVm!sj$TL}x#d+}uW)@bk#>o#^^d}2&icB_O<zQr;e1S`R5{C?<{A5QC@yP<L
zJd+(bEP%p}EW(p}I6@}xVdj|}!Xh$>(`Ir4hs0zD7M95loGxI8iA<~$pS*z6mk;DN
MggZ7r<m6%m07AYj6951J

delta 81
zcmV-X0IvV47wZ*}VFd&L000EBW_$s&7Xr!w0Sl831w*4H1O$_`0}zv60t}PA2oM1e
nlg<bilYImXlg$V?0R)o<31^e32{@Cz32XrblPU^mldKB<k2e>M

diff --git a/gui/baculum/examples/selinux/baculum.te b/gui/baculum/examples/selinux/baculum.te
index 131b560f37..f7394481e8 100644
--- a/gui/baculum/examples/selinux/baculum.te
+++ b/gui/baculum/examples/selinux/baculum.te
@@ -12,6 +12,7 @@ require {
 	class dir { search read write create getattr };
 	class file { read write create getattr open execute };
 	class netlink_audit_socket { write nlmsg_relay create read };
+	class capability { audit_write };
 }
 
 #============= httpd_t ==============
@@ -27,3 +28,4 @@ allow httpd_t sudo_exec_t:file { read execute open };
 allow httpd_t httpd_cache_t:dir { read create };
 allow httpd_t httpd_cache_t:file { read write create };
 allow httpd_t self:netlink_audit_socket { write nlmsg_relay create read };
+allow httpd_t self:capability { audit_write };
-- 
2.39.5