From Debian package 0.0.20080702-15 and 0.0.20080702-16 In Manoj's topic-debadim branch In Russell's 2010-07-08 patch allow dpkg_t to set rlimit Grant capability ipc_lock to dpkg_t Refreshed for 136_dpkg_ptrace
Index: policy/modules/admin/dpkg.te
===================================================================
--- policy/modules/admin/dpkg.te.orig
+++ policy/modules/admin/dpkg.te
@@ -51,8 +51,8 @@
 # dpkg Local policy
 #
 
-allow dpkg_t self:capability { chown dac_override fowner fsetid setgid setuid kill sys_tty_config sys_nice sys_resource mknod linux_immutable sys_ptrace };
-allow dpkg_t self:process { setpgid fork getsched setfscreate };
+allow dpkg_t self:capability { chown dac_override fowner fsetid setgid setuid kill sys_tty_config sys_nice sys_resource mknod linux_immutable sys_ptrace ipc_lock };
+allow dpkg_t self:process { setrlimit setpgid fork getsched setfscreate };
 allow dpkg_t self:fd use;
 allow dpkg_t self:fifo_file rw_fifo_file_perms;
 allow dpkg_t self:unix_dgram_socket create_socket_perms;
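Review bot: The two widened rules give dpkg_t `ipc_lock` and `setrlimit` without recording which program running in that domain needs them; the patch description says what is granted, not why. The same capability line already carries `sys_resource`, so with `setrlimit` on self the domain can raise its own hard limits, and `ipc_lock` lets it lock memory past RLIMIT_MEMLOCK, which makes the justification worth keeping next to the rule. I would add a comment above the capability line such as `# ipc_lock, setrlimit: required by <program> (denial recorded in <bug reference>)`, with the placeholders filled in from the original AVC message. If the denial came from a maintainer script rather than from dpkg itself, granting the access in the script domain would keep dpkg_t narrower; that cannot be judged from this hunk, and the local policy section continues past its last line.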