From d503f374db0ed3c05deabd2782810f08a3802315 Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Tue, 10 Nov 2020 16:51:51 +0100
Subject: [PATCH] distgit: some more selinux policy update

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
---
 roles/distgit/files/http_policy.te | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/distgit/files/http_policy.te b/roles/distgit/files/http_policy.te
index 2c44f4d082..0a322e99fd 100644
--- a/roles/distgit/files/http_policy.te
+++ b/roles/distgit/files/http_policy.te
@@ -8,9 +8,9 @@ require {
 	type shadow_t;
 	type var_t;
 	type git_content_t;
-	class process setrlimit;
+	class process { noatsecure rlimitinh setrlimit siginh };
 	class capability { audit_write dac_read_search net_admin setgid setuid sys_resource };
-	class netlink_audit_socket { create nlmsg_relay };
+	class netlink_audit_socket { create nlmsg_relay read write };
 	class file { create getattr link open read rename setattr unlink write };
 	class dir { add_name create getattr remove_name rmdir search write };
 }