From 0f733cc37ae39fba9f9d7a86bfb68689481c225e Mon Sep 17 00:00:00 2001
From: Miroslav Grepl <mgrepl@redhat.com>
Date: Aug 05 2013 05:20:16 +0000
Subject: setrlimit is not cap


---

diff --git a/policy-f18-contrib.patch b/policy-f18-contrib.patch
index 0d65509..00d6059 100644
--- a/policy-f18-contrib.patch
+++ b/policy-f18-contrib.patch
@@ -78767,7 +78767,7 @@ index 0000000..b34b8b4
 +
 diff --git a/zoneminder.te b/zoneminder.te
 new file mode 100644
-index 0000000..17a9a24
+index 0000000..31f8cb4
 --- /dev/null
 +++ b/zoneminder.te
 @@ -0,0 +1,171 @@
@@ -78883,9 +78883,9 @@ index 0000000..17a9a24
 +')
 +
 +tunable_policy(`zoneminder_run_sudo',`
-+    allow zoneminder_t self:capability { setrlimit setuid setgid sys_resource };
++    allow zoneminder_t self:capability { setuid setgid sys_resource };
 +    allow zoneminder_t self:key write;
-+    allow zoneminder_t self:process setsched;
++    allow zoneminder_t self:process { setrlimit setsched };
 +    allow zoneminder_t self:passwd rootok;
 +
 +    auth_rw_lastlog(zoneminder_t)