diff --git a/sudo-1.9-RLIMIT_CORE.patch b/sudo-1.9-RLIMIT_CORE.patch
new file mode 100644
index 0000000..28027c4
--- /dev/null
+++ b/sudo-1.9-RLIMIT_CORE.patch
@@ -0,0 +1,149 @@
+ changeset 12288:1064b906ca68
+
+Ignore a failure to restore the RLIMIT_CORE resource limit.
+Linux containers don't allow RLIMIT_CORE to be set back to RLIM_INFINITY
+if we set the limit to zero, even for root.  This is not a problem
+outside the container.
+author 	Todd C. Miller <Todd.Miller@sudo.ws>
+date 	Sat, 14 Mar 2020 11:13:55 -0600
+parents 	72ca06a294b4
+children 	40629e6fd692
+files 	src/limits.c
+diffstat 	1 files changed, 61 insertions(+), 10 deletions(-) [+]
+line wrap: on
+ line diff
+
+--- a/src/limits.c	Thu Mar 12 17:39:56 2020 -0600
++++ b/src/limits.c	Sat Mar 14 11:13:55 2020 -0600
+@@ -114,13 +114,21 @@
+
+     if (getrlimit(RLIMIT_CORE, &corelimit) == -1)
+ 	sudo_warn("getrlimit(RLIMIT_CORE)");
++    sudo_debug_printf(SUDO_DEBUG_INFO, "RLIMIT_CORE [%lld, %lld] -> [0, 0]",
++	(long long)corelimit.rlim_cur, (long long)corelimit.rlim_max);
+     if (setrlimit(RLIMIT_CORE, &rl) == -1)
+ 	sudo_warn("setrlimit(RLIMIT_CORE)");
+ #ifdef __linux__
+     /* On Linux, also set PR_SET_DUMPABLE to zero (reset by execve). */
+-    if ((dumpflag = prctl(PR_GET_DUMPABLE, 0, 0, 0, 0)) == -1)
++    if ((dumpflag = prctl(PR_GET_DUMPABLE, 0, 0, 0, 0)) == -1) {
++	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
++	    "prctl(PR_GET_DUMPABLE, 0, 0, 0, 0)");
+ 	dumpflag = 0;
+-    (void) prctl(PR_SET_DUMPABLE, 0, 0, 0, 0);
++    }
++    if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0) == -1) {
++	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
++	    "prctl(PR_SET_DUMPABLE, %d, 0, 0, 0)", dumpflag);
++    }
+ #endif /* __linux__ */
+     coredump_disabled = true;
+
+@@ -136,10 +144,20 @@
+     debug_decl(restore_coredump, SUDO_DEBUG_UTIL);
+
+     if (coredump_disabled) {
+-	if (setrlimit(RLIMIT_CORE, &corelimit) == -1)
+-	    sudo_warn("setrlimit(RLIMIT_CORE)");
++	/*
++	 * Linux containers don't allow RLIMIT_CORE to be set back to
++	 * RLIM_INFINITY if we set the limit to zero, even for root.
++	 */
++	if (setrlimit(RLIMIT_CORE, &corelimit) == -1) {
++	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
++		"setrlimit(RLIMIT_CORE, [%lld, %lld])",
++		(long long)corelimit.rlim_cur, (long long)corelimit.rlim_max);
++	}
+ #ifdef __linux__
+-	(void) prctl(PR_SET_DUMPABLE, dumpflag, 0, 0, 0);
++	if (prctl(PR_SET_DUMPABLE, dumpflag, 0, 0, 0) == -1) {
++	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
++		"prctl(PR_SET_DUMPABLE, %d, 0, 0, 0)", dumpflag);
++	}
+ #endif /* __linux__ */
+     }
+     debug_return;
+@@ -162,8 +180,14 @@
+
+     if (getrlimit(RLIMIT_NPROC, &nproclimit) != 0)
+ 	sudo_warn("getrlimit(RLIMIT_NPROC)");
++    sudo_debug_printf(SUDO_DEBUG_INFO, "RLIMIT_NPROC [%lld, %lld] -> [inf, inf]",
++	(long long)nproclimit.rlim_cur, (long long)nproclimit.rlim_max);
+     if (setrlimit(RLIMIT_NPROC, &rl) == -1) {
+ 	rl.rlim_cur = rl.rlim_max = nproclimit.rlim_max;
++	sudo_debug_printf(SUDO_DEBUG_INFO,
++	    "RLIMIT_NPROC [%lld, %lld] -> [%lld, %lld]",
++	    (long long)nproclimit.rlim_cur, (long long)nproclimit.rlim_max,
++	    (long long)rl.rlim_cur, (long long)rl.rlim_max);
+ 	if (setrlimit(RLIMIT_NPROC, &rl) != 0)
+ 	    sudo_warn("setrlimit(RLIMIT_NPROC)");
+     }
+@@ -180,8 +204,11 @@
+ #ifdef __linux__
+     debug_decl(restore_nproc, SUDO_DEBUG_UTIL);
+
+-    if (setrlimit(RLIMIT_NPROC, &nproclimit) != 0)
+-	sudo_warn("setrlimit(RLIMIT_NPROC)");
++    if (setrlimit(RLIMIT_NPROC, &nproclimit) != 0) {
++	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
++	    "setrlimit(RLIMIT_NPROC, [%lld, %lld])",
++	    (long long)nproclimit.rlim_cur, (long long)nproclimit.rlim_max);
++    }
+
+     debug_return;
+ #endif /* __linux__ */
+@@ -203,6 +230,11 @@
+ 	struct saved_limit *lim = &saved_limits[idx];
+ 	if (getrlimit(lim->resource, &lim->oldlimit) == -1)
+ 	    continue;
++	sudo_debug_printf(SUDO_DEBUG_INFO,
++	    "getrlimit(lim->name) -> [%lld, %lld]",
++	    (long long)lim->oldlimit.rlim_cur,
++	    (long long)lim->oldlimit.rlim_max);
++
+ 	lim->saved = true;
+ 	if (lim->newlimit.rlim_cur != RLIM_INFINITY) {
+ 	    /* Don't reduce the soft resource limit. */
+@@ -217,13 +249,28 @@
+ 		lim->newlimit.rlim_max = lim->oldlimit.rlim_max;
+ 	}
+ 	if ((rc = setrlimit(lim->resource, &lim->newlimit)) == -1) {
+-	    if (lim->fallback != NULL)
+-		rc = setrlimit(lim->resource, lim->fallback);
++	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
++		"setrlimit(%s, [%lld, %lld])", lim->name,
++		(long long)lim->newlimit.rlim_cur,
++		(long long)lim->newlimit.rlim_max);
++	    if (lim->fallback != NULL) {
++		if ((rc = setrlimit(lim->resource, lim->fallback)) == -1) {
++		    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
++			"setrlimit(%s, [%lld, %lld])", lim->name,
++			(long long)lim->fallback->rlim_cur,
++			(long long)lim->fallback->rlim_max);
++		}
++	    }
+ 	    if (rc == -1) {
+ 		/* Try setting new rlim_cur to old rlim_max. */
+ 		lim->newlimit.rlim_cur = lim->oldlimit.rlim_max;
+ 		lim->newlimit.rlim_max = lim->oldlimit.rlim_max;
+-		rc = setrlimit(lim->resource, &lim->newlimit);
++		if ((rc = setrlimit(lim->resource, &lim->newlimit)) == -1) {
++		    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
++			"setrlimit(%s, [%lld, %lld])", lim->name,
++			(long long)lim->newlimit.rlim_cur,
++			(long long)lim->newlimit.rlim_max);
++		}
+ 	    }
+ 	    if (rc == -1)
+ 		sudo_warn("setrlimit(%s)", lim->name);
+@@ -254,6 +301,10 @@
+ 		if (rc != -1 || errno != EINVAL)
+ 		    break;
+
++		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
++		    "setrlimit(%s, [%lld, %lld])", lim->name,
++		    (long long)rl.rlim_cur, (long long)rl.rlim_max);
++
+ 		/*
+ 		 * Soft limit could be lower than current resource usage.
+ 		 * This can be an issue on NetBSD with RLIMIT_STACK and ASLR.
diff --git a/sudo.spec b/sudo.spec
index 613bf89..bac08cd 100644
--- a/sudo.spec
+++ b/sudo.spec
@@ -27,6 +27,8 @@ BuildRequires: zlib-devel
 
 # don't strip
 Patch1: sudo-1.6.7p5-strip.patch
+# https://www.sudo.ws/repos/sudo/rev/1064b906ca68
+Patch2: sudo-1.9-RLIMIT_CORE.patch
 
 %description
 Sudo (superuser do) allows a system administrator to give certain
@@ -51,6 +53,7 @@ plugins that use %{name}.
 %setup -q -n %{name}-%{upstream_version}
 
 %patch1 -p1 -b .strip
+%patch2 -p1 -b .orig
 
 %build
 # Remove bundled copy of zlib
@@ -205,6 +208,8 @@ EOF
 * Wed Mar 25 2020 Attila Lakatos <alakatos@redhat.com> - 1.9.0-0.1.b4
 - update to latest development version 1.9.0b4
 Resolves: rhbz#1816593
+- setrlimit(RLIMIT_CORE): Operation not permitted warning message fix
+Resolves: rhbz#1773148
 
 * Mon Feb 24 2020 Attila Lakatos <alakatos@redhat.com> - 1.9.0-0.1.b1
 - update to latest development version 1.9.0b1
@@ -219,8 +224,6 @@ Resolves: rhbz#1786709
 - attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user
 Resolves: rhbz#1786705
 - fixes CVE-2019-19232
-- setrlimit(RLIMIT_CORE): Operation not permitted warning message fix
-Resolves: rhbz#1773148
 
 * Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.29-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild