From 083d9d55b8021f3b5408a385c4ba5d96d1998ddc Mon Sep 17 00:00:00 2001
From: rhatdan <dwalsh@redhat.com>
Date: Aug 06 2012 17:33:13 +0000
Subject: Sanlock needs to send Kill Signals to non root processes


---

diff --git a/sanlock.te b/sanlock.te
index d015830..8e19451 100644
--- a/sanlock.te
+++ b/sanlock.te
@@ -44,7 +44,7 @@ ifdef(`enable_mls',`
 #
 # sanlock local policy
 #
-allow sanlock_t self:capability { chown dac_override ipc_lock setgid setuid sys_nice sys_resource };
+allow sanlock_t self:capability { chown dac_override ipc_lock kill setgid setuid sys_nice sys_resource };
 allow sanlock_t self:process { setrlimit setsched signull signal sigkill };
 
 allow sanlock_t self:fifo_file rw_fifo_file_perms;