type_transition and sigchild

[Dominick Grift]

On Tue, 2013-02-19 at 12:40 +0100, Maurizio Pagani Gmail wrote:

> allow diskadm_role_t lvm_t: process {  siginh rlimitinh sigchld };

diskadm_role_t does to need to be able to send child terminated signals
to lvm_t. LVM does not execute files with a type transition to the user
domain.

Also the siginh and rlimitinh permissions can be dontaudited instead