From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Mon, 14 Feb 2011 10:58:43 -0500
Subject: [refpolicy] [PATCH v2 1/1] Sudo timestamp directory has changed
 since v1.7.4, reflect this in .fc file
In-Reply-To: <20110206200337.GB25328@siphos.be>
References: <20110206145516.GA12283@siphos.be> <4D4ECFD0.9050001@gmail.com>
	<20110206200337.GB25328@siphos.be>
Message-ID: <4D595133.6010009@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 2/6/2011 3:03 PM, Sven Vermeulen wrote:
>
> Since sudo 1.7.4, the timestamp directory has moved from /var/run/sudo to
> /var/db/sudo, lib or adm (in that order). See also the sudo changeset
> http://www.sudo.ws/repos/sudo/rev/8c9440423d98
>
> Keeping the "old" one (/var/run/sudo) for a while for those systems where
> sudo has not been updated yet (change is since 1.7.4, Jul 14 2010).

Merged.

> Signed-off-by: Sven Vermeulen<sven.vermeulen@siphos.be>
> ---
>   policy/modules/system/authlogin.fc |    1 +
>   1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/policy/modules/system/authlogin.fc b/policy/modules/system/authlogin.fc
> index 1c4b1e7..2952cef 100644
> --- a/policy/modules/system/authlogin.fc
> +++ b/policy/modules/system/authlogin.fc
> @@ -43,3 +43,4 @@ ifdef(`distro_gentoo', `
>   /var/run/pam_ssh(/.*)?		gen_context(system_u:object_r:var_auth_t,s0)
>   /var/run/sepermit(/.*)? 	gen_context(system_u:object_r:pam_var_run_t,s0)
>   /var/run/sudo(/.*)?		gen_context(system_u:object_r:pam_var_run_t,s0)
> +/var/(db|lib|adm)/sudo(/.*)?	gen_context(system_u:object_r:pam_var_run_t,s0)


-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com