From 9c0dcd8c971259c2af31fb6fdc133388aa478a29 Mon Sep 17 00:00:00 2001
From: Sven Vermeulen <sven.vermeulen@siphos.be>
Date: Tue, 3 Mar 2015 16:18:48 +0100
Subject: Fix bug #541990 - Grant setfscreate to semanage_migrate_store
 [semanage_t]

---
 policy/modules/system/selinuxutil.te | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te
index b0d14cb54..9b70f53aa 100644
--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
@@ -667,4 +667,12 @@ ifdef(`distro_gentoo',`
 
 	# Moved out of files_relabel_non_auth_files as it cannot be used in tunable_policy otherwise
 	seutil_relabelto_bin_policy(restorecond_t)
+
+	##########################################
+	#
+	# semanage local policy
+	#
+
+	# Fix bug #541990 - Grant setfscreate privilege to allow semanage_migrate_store to work properly
+	allow semanage_t self:process { setfscreate };
 ')
-- 
cgit v1.2.3