From 5f9917c1360a158e11efd0a6b561fb065efe5223 Mon Sep 17 00:00:00 2001
From: Stephen Smalley <sds@tycho.nsa.gov>
Date: Tue, 31 Jul 2012 09:15:46 -0400
Subject: [PATCH] Allow debuggerd to restorecon the tombstone directory.

---
 debuggerd.te | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/debuggerd.te b/debuggerd.te
index b85133b9d..8ff37474c 100644
--- a/debuggerd.te
+++ b/debuggerd.te
@@ -4,10 +4,14 @@ type debuggerd_exec, exec_type, file_type;
 
 init_daemon_domain(debuggerd)
 typeattribute debuggerd mlstrustedsubject;
-allow debuggerd self:capability { dac_override sys_ptrace chown kill };
+allow debuggerd self:capability { dac_override sys_ptrace chown kill fowner };
 allow debuggerd domain:dir r_dir_perms;
 allow debuggerd domain:file r_file_perms;
 allow debuggerd domain:process ptrace;
+allow debuggerd rootfs:file r_file_perms;
+allow debuggerd system_data_file:dir create_dir_perms;
+allow debuggerd system_data_file:dir relabelfrom;
+allow debuggerd tombstone_data_file:dir relabelto;
 allow debuggerd tombstone_data_file:dir create_dir_perms;
 allow debuggerd tombstone_data_file:file create_file_perms;
 allow debuggerd domain:process { sigstop signal };
-- 
GitLab