From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Sun, 6 Feb 2011 15:55:16 +0100
Subject: [refpolicy] [PATCH 1/3] Adding sudo_db_t type for sudo timestamp
 database/directory
Message-ID: <20110206145516.GA12283@siphos.be>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

The sudo application uses /var/db/sudo to keep track of sudo timestamps (to
find out if sudo wants to ask the user to reauthenticate or not). 

I have found the same policy rules in fedora's repository (commit
d46a2b01151fd5061cdecd4004dc5993225c053d by Dan Walsh) but couldn't find any
direct mail on the refpolicy archives with a request to push this through.

This is patch 1/3 which defines the type

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
---
 policy/modules/admin/sudo.te |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/policy/modules/admin/sudo.te b/policy/modules/admin/sudo.te
index 7aacfc2..8f4a2be 100644
--- a/policy/modules/admin/sudo.te
+++ b/policy/modules/admin/sudo.te
@@ -7,3 +7,6 @@ attribute sudodomain;
 
 type sudo_exec_t;
 application_executable_file(sudo_exec_t)
+
+type sudo_db_t;
+files_type(sudo_db_t)
-- 
1.7.3.4