diff --git a/SOURCES/0011-Fix-sudoers-lens-recognize-match_group_by_gid.patch b/SOURCES/0011-Fix-sudoers-lens-recognize-match_group_by_gid.patch
new file mode 100644
index 0000000..30961e4
--- /dev/null
+++ b/SOURCES/0011-Fix-sudoers-lens-recognize-match_group_by_gid.patch
@@ -0,0 +1,29 @@
+From 15409d95e059b898a30a41107fa4c81ef35799f8 Mon Sep 17 00:00:00 2001
+From: Luigi Toscano <ltoscano@redhat.com>
+Date: Thu, 24 Aug 2017 16:21:49 +0200
+Subject: [PATCH] Fix sudoers lens: recognize "match_group_by_gid"
+
+The option is now enabled by default in the default sudoers of
+RHEL 7.4 (and probably soon CentOS 7).
+
+Closes #482
+---
+ lenses/sudoers.aug | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lenses/sudoers.aug b/lenses/sudoers.aug
+index 7567772d..0437daae 100644
+--- a/lenses/sudoers.aug
++++ b/lenses/sudoers.aug
+@@ -307,7 +307,7 @@ let parameter_flag_kw    = "always_set_home" | "authenticate" | "env_editor"
+                          | "tty_tickets" | "visiblepw" | "closefrom_override"
+                          | "closefrom_override" | "compress_io" | "fast_glob"
+                          | "log_input" | "log_output" | "pwfeedback"
+-                         | "umask_override" | "use_pty"
++                         | "umask_override" | "use_pty" | "match_group_by_gid"
+ 
+ let parameter_flag       = [ del_negate . negate_node?
+                                . key parameter_flag_kw ]
+-- 
+2.13.5
+
diff --git a/SPECS/augeas.spec b/SPECS/augeas.spec
index f11ea3e..03154d0 100644
--- a/SPECS/augeas.spec
+++ b/SPECS/augeas.spec
@@ -1,6 +1,6 @@
 Name:           augeas
 Version:        1.4.0
-Release:        2%{?dist}.1
+Release:        2%{?dist}.2
 Summary:        A library for changing configuration files
 
 Group:          System Environment/Libraries
@@ -17,6 +17,7 @@ Patch7:         0007-Dhcpd-revert-Dhcpd-module-to-1.1.0-compatible-add-Dh.patch
 Patch8:         0008-Slapd-revert-Slapd-module-to-1.1.0-compatible-add-Sl.patch
 Patch9:         0009-Rhsm-new-lens-to-parse-subscription-manager-s-rhsm.c.patch
 Patch10:        0010-src-pathx.c-parse_name-correctly-handle-trailing-whi.patch
+Patch11:        0011-Fix-sudoers-lens-recognize-match_group_by_gid.patch
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -68,6 +69,7 @@ The libraries for %{name}.
 %patch8 -p1
 %patch9 -p1
 %patch10 -p1
+%patch11 -p1
 
 # Patches affect Makefile.am and configure.ac, so rerun autotools.
 autoreconf
@@ -129,6 +131,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/pkgconfig/augeas.pc
 
 %changelog
+* Thu Sep 21 2017 Pino Toscano <ptoscanoredhat.com> - 1.4.0-2.el7_4.2
+- Sudoers: recognize "match_group_by_gid" (RHBZ#1493005)
+
 * Mon Sep 04 2017 Pino Toscano <ptoscanoredhat.com> - 1.4.0-2.el7_4.1
 - Fix CVE-2017-7555, improper handling of escaped strings (RHBZ#1481545)