From mboxrd@z Thu Jan  1 00:00:00 1970
From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Mon, 23 Sep 2013 14:30:21 -0400
Subject: [refpolicy] [PATCH] Sudo file context specification did not
 catch paths
In-Reply-To: <1377546835-8202-1-git-send-email-dominick.grift@gmail.com>
References: <1377546835-8202-1-git-send-email-dominick.grift@gmail.com>
Message-ID: <524088BD.90705@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Mon 26 Aug 2013 03:53:55 PM EDT, Dominick Grift wrote:
>
> Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
> diff --git a/policy/modules/system/authlogin.fc b/policy/modules/system/authlogin.fc
> index 28ad538..5d0f398 100644
> --- a/policy/modules/system/authlogin.fc
> +++ b/policy/modules/system/authlogin.fc
> @@ -46,4 +46,4 @@
>  /var/run/sepermit(/.*)? 	gen_context(system_u:object_r:pam_var_run_t,s0)
>  /var/run/sudo(/.*)?		gen_context(system_u:object_r:pam_var_run_t,s0)
>  /var/run/user(/.*)?		gen_context(system_u:object_r:var_auth_t,s0)
> -/var/(db|lib|adm)/sudo(/.*)?	gen_context(system_u:object_r:pam_var_run_t,s0)
> +/var/((db)|(lib)|(adm))/sudo(/.*)?	gen_context(system_u:object_r:pam_var_run_t,s0)

Odd. It seems to work fine for me.  Maybe it is some sort of fc sort 
problem on your system?

--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com