http://people.fedoraproject.org/~dwalsh/SELinux/F11/admin_sudo.patch
Lots of fixes for sudo domain.
sudo can now do stuff newrole used to do so it needs lots of SELinux
acccess to change roles and types.
sudo writes stuff to homedir so needs to manage nfs and cifs if they are
homedirs
Need role access to send email on failed sudo, as well as checking passwd
Sends audit messages
Sudo checks whether it can execute an app before running so it needs to
be able to execute any app.
Needs sys_nice