From 8de48b63e3b8adc882c3886249d1b927ccce380b Mon Sep 17 00:00:00 2001
From: Jason Rothstein <fdragon@fdragon.org>
Date: Mon, 3 Oct 2022 00:03:08 -0500
Subject: [PATCH] Add sudo_intercept.so comments from latest sudo package

---
 templates/Fedora/36/etc/sudo.conf | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/templates/Fedora/36/etc/sudo.conf b/templates/Fedora/36/etc/sudo.conf
index cb23433..773a0e0 100644
--- a/templates/Fedora/36/etc/sudo.conf
+++ b/templates/Fedora/36/etc/sudo.conf
@@ -38,6 +38,21 @@
 #
 #Path devsearch /dev/pts:/dev/vt:/dev/term:/dev/zcons:/dev/pty:/dev
 
+#
+# Sudo command interception:
+#   Path intercept /path/to/sudo_intercept.so
+#
+# Path to a shared library containing replacements for the execv(),
+# execve() and fexecve() library functions that perform a policy check
+# to verify the command is allowed and simply return an error if not.
+# This is used to implement the "intercept" functionality on systems that
+# support LD_PRELOAD or its equivalent.
+#
+# The compiled-in value is usually sufficient and should only be changed
+# if you rename or move the sudo_intercept.so file.
+#
+#Path intercept /usr/libexec/sudo/sudo_intercept.so
+
 #
 # Sudo noexec:
 #   Path noexec /path/to/sudo_noexec.so