--- a/components/sudo/patches/02-pam_setcred.patch	Wed Feb 24 22:20:45 2016 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,35 +0,0 @@
-Fix for
-17617070 sudo does not use pam_setcred correctly to set the audit context
-
-This fix is submitted as http://www.sudo.ws/bugs/show_bug.cgi?id=642
-
-Sudo 1.8.9p5 has another problem, pam_setcred configuration option is not
-enabled by default despite what is said in sudoers(4). Fix for that is
-accumulated in this patch as it will be submitted together with the
-PAM_REINITIALIZE_CRED fix.
-
---- sudo-1.8.9p5/plugins/sudoers/auth/pam.c	2014-02-07 10:25:08.979359126 +0100
-+++ sudo-1.8.9p5/plugins/sudoers/auth/pam.c	2014-02-07 10:24:43.823180676 +0100
-@@ -236,9 +236,11 @@
-      * PAM_SUCCESS from another.  For example, given a non-local user,
-      * pam_unix will fail but pam_ldap or pam_sss may succeed, but if
-      * pam_unix is first in the stack, pam_setcred() will fail.
-+     *
-+     * Reinitialize credentials when changing a user.
-      */
-     if (def_pam_setcred)
--	(void) pam_setcred(pamh, PAM_ESTABLISH_CRED);
-+	(void) pam_setcred(pamh, PAM_REINITIALIZE_CRED);
- 
-     if (def_pam_session) {
- 	*pam_status = pam_open_session(pamh, 0);
---- sudo-1.8.9p5/plugins/sudoers/defaults.c	2014-03-28 15:33:41.941482037 -0700
-+++ sudo-1.8.9p5/plugins/sudoers/defaults.c	2014-03-28 15:22:36.457133334 -0700
-@@ -485,6 +485,7 @@ init_defaults(void)
- #endif
-     def_editor = estrdup(EDITOR);
-     def_set_utmp = true;
-+    def_pam_setcred = true;
- 
-     /* Finally do the lists (currently just environment tables). */
-     init_envtables();