4 files changed, 6 insertions, 1 deletions

diff --git a/Makefile b/Makefile
index 53b57a0e1..fdf83beb4 100644
--- a/Makefile
+++ b/Makefile
@@ -362,7 +362,7 @@ scan-build: clean
 
 .PHONY: codespell
 codespell: clean
-        codespell --ignore-regex "UE|creat|shotcut|ether" src test
+        codespell --ignore-regex "UE|creat|doas|shotcut|ether" src test
 
 .PHONY: print-env
 print-env:
diff --git a/etc/ids.config b/etc/ids.config
index 880ec6ab5..4b75c701c 100644
--- a/etc/ids.config
+++ b/etc/ids.config
@@ -139,6 +139,7 @@ ${HOME}/.local/share/autostart
 /etc/security
 /etc/selinux
 /etc/shadow*
+/etc/sudo*.conf
 /etc/sudoers*
 /etc/tripwire
 ${HOME}/.config/firejail
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc
index 4277100ce..ce4f08958 100644
--- a/etc/inc/disable-common.inc
+++ b/etc/inc/disable-common.inc
@@ -416,6 +416,7 @@ blacklist /tmp/ssh-*
 # top secret
 blacklist /.fscrypt
 blacklist /etc/davfs2/secrets
+blacklist /etc/doas.conf
 blacklist /etc/group+
 blacklist /etc/group-
 blacklist /etc/gshadow
@@ -428,6 +429,8 @@ blacklist /etc/shadow+
 blacklist /etc/shadow-
 blacklist /etc/ssh
 blacklist /etc/ssh/*
+blacklist /etc/sudo*.conf
+blacklist /etc/sudoers*
 blacklist /home/.ecryptfs
 blacklist /home/.fscrypt
 blacklist ${HOME}/*.kdb
diff --git a/src/jailcheck/main.c b/src/jailcheck/main.c
index 27da309ea..93d334c7a 100644
--- a/src/jailcheck/main.c
+++ b/src/jailcheck/main.c
@@ -120,6 +120,7 @@ int main(int argc, char **argv) {
         // basic sysfiles
         sysfiles_setup("/etc/shadow");
         sysfiles_setup("/etc/gshadow");
+        sysfiles_setup("/usr/bin/doas");
         sysfiles_setup("/usr/bin/mount");
         sysfiles_setup("/usr/bin/su");
         sysfiles_setup("/usr/bin/ksu");