6c20f77e80
sudo should be able to getattr on all executables not just bin_t/sbin_t. Confined executeables run from sudo need this. sudo_exec_t needs to be marked as exec_type so prelink will work correctly. sudo semanage should work
12 lines
191 B
Plaintext
12 lines
191 B
Plaintext
|
|
policy_module(sudo,1.0.2)
|
|
|
|
########################################
|
|
#
|
|
# Declarations
|
|
|
|
type sudo_exec_t;
|
|
corecmd_executable_file(sudo_exec_t)
|
|
|
|
# Remaining policy in per user domain template.
|