From 937b5f166dc9c12796624c462ecf746e17bd643b Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 25 May 2010 13:58:16 -0400 Subject: [PATCH] Set selinux role and type in command details. --- plugins/sudoers/sudoers.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c index 46a0cd6a4..93660d97a 100644 --- a/plugins/sudoers/sudoers.c +++ b/plugins/sudoers/sudoers.c @@ -608,6 +608,12 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[], } if (def_closefrom >= 0) easprintf(&command_info[info_len++], "closefrom=%d", def_closefrom); +#ifdef HAVE_SELINUX + if (user_role != NULL) + command_info[info_len++] = fmt_string("selinux_role", user_role); + if (user_type != NULL) + command_info[info_len++] = fmt_string("selinux_type", user_type); +#endif /* HAVE_SELINUX */ /* Must audit before uid change. */ audit_success(NewArgv);