From 116492a4ca0d43adde2573722e090d0bc84ed1ec Mon Sep 17 00:00:00 2001
From: Jeff Mitchell <jeffrey.mitchell@gmail.com>
Date: Mon, 8 Aug 2016 10:00:01 -0400
Subject: [PATCH] Make `capabilities-self` part of the default policy.

Fixes #1695
---
 vault/policy_store.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/vault/policy_store.go b/vault/policy_store.go
index 22750cf88f..0b42b429dc 100644
--- a/vault/policy_store.go
+++ b/vault/policy_store.go
@@ -296,6 +296,10 @@ path "cubbyhole/*" {
 path "cubbyhole" {
     capabilities = ["list"]
 }
+
+path "sys/capabilities-self" {
+    capabilities = ["update"]
+}
 `)
 	if err != nil {
 		return errwrap.Wrapf("error parsing default policy: {{err}}", err)