Contrast the following two:
% su -c id Password: uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) context=root:sysadm_r:sysadm_t
% sudo id Password: uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) context=user_u:user_r:user_t
How do I change my local policy so have sudo grant the same sysadm permissions as su does? Is it possible to make it tunable? Or is this something that is very dangerous and should not be done? Thanks!