From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Sun, 6 Feb 2011 21:03:38 +0100
Subject: [refpolicy] [PATCH v2 1/1] Sudo timestamp directory has changed
 since v1.7.4, reflect this in .fc file
In-Reply-To: <4D4ECFD0.9050001@gmail.com>
References: <20110206145516.GA12283@siphos.be>
 <4D4ECFD0.9050001@gmail.com>
Message-ID: <20110206200337.GB25328@siphos.be>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com


Since sudo 1.7.4, the timestamp directory has moved from /var/run/sudo to
/var/db/sudo, lib or adm (in that order). See also the sudo changeset
http://www.sudo.ws/repos/sudo/rev/8c9440423d98

Keeping the "old" one (/var/run/sudo) for a while for those systems where
sudo has not been updated yet (change is since 1.7.4, Jul 14 2010).


Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
---
 policy/modules/system/authlogin.fc |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/policy/modules/system/authlogin.fc b/policy/modules/system/authlogin.fc
index 1c4b1e7..2952cef 100644
--- a/policy/modules/system/authlogin.fc
+++ b/policy/modules/system/authlogin.fc
@@ -43,3 +43,4 @@ ifdef(`distro_gentoo', `
 /var/run/pam_ssh(/.*)?		gen_context(system_u:object_r:var_auth_t,s0)
 /var/run/sepermit(/.*)? 	gen_context(system_u:object_r:pam_var_run_t,s0)
 /var/run/sudo(/.*)?		gen_context(system_u:object_r:pam_var_run_t,s0)
+/var/(db|lib|adm)/sudo(/.*)?	gen_context(system_u:object_r:pam_var_run_t,s0)
-- 
1.7.3.4