From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Wed, 3 May 2017 16:32:21 +0000 (-0600)
Subject: Move syslog_maxlen to the "Integers" section.  Move syslog_goodpri and
X-Git-Tag: SUDO_1_8_20^2~18
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=8468f13c69967622821dc7165b2f6c9ba214d088;p=sudo

Move syslog_maxlen to the "Integers" section.  Move syslog_goodpri and
syslog_badpri to the "Strings at can be used in a boolean context" section.
---

diff --git a/doc/sudoers.cat b/doc/sudoers.cat
index 0c2b39879..b880ee45e 100644
--- a/doc/sudoers.cat
+++ b/doc/sudoers.cat
@@ -1520,6 +1520,23 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
                        password before ssuuddoo logs the failure and exits.  The
                        default is 3.
 
+     syslog_maxlen     On many systems, syslog(3) has a relatively small log
+                       buffer.  IETF RFC 5424 states that syslog servers must
+                       support messages of at least 480 bytes and should
+                       support messages up to 2048 bytes.  By default, ssuuddooeerrss
+                       creates log messages up to 980 bytes which corresponds
+                       to the historic BSD syslog implementation which used a
+                       1024 byte buffer to store the message, date, hostname
+                       and program name.  To prevent syslog messages from
+                       being truncated, ssuuddooeerrss will split up log messages
+                       that are larger than _s_y_s_l_o_g___m_a_x_l_e_n bytes.  When a
+                       message is split, additional parts will include the
+                       string "(command continued)" after the user name and
+                       before the continued command line arguments.
+
+                       This setting is only supported by version 1.8.19 or
+                       higher.
+
      IInntteeggeerrss tthhaatt ccaann bbee uusseedd iinn aa bboooolleeaann ccoonntteexxtt:
 
      loglinelen        Number of characters per line for the file log.  This
@@ -1770,41 +1787,6 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
                        not specified on the command line.  This defaults to
                        root.
 
-     syslog_badpri     Syslog priority to use when the user is not allowed to
-                       run a command or when authentication is unsuccessful.
-                       Defaults to alert.
-
-                       The following syslog priorities are supported: aalleerrtt,
-                       ccrriitt, ddeebbuugg, eemmeerrgg, eerrrr, iinnffoo, nnoottiiccee, wwaarrnniinngg, and
-                       nnoonnee.  Negating the option or setting it to a value of
-                       nnoonnee will disable logging of unsuccessful commands.
-
-     syslog_goodpri    Syslog priority to use when the user is allowed to run
-                       a command and authentication is successful.  Defaults
-                       to notice.
-
-                       See _s_y_s_l_o_g___b_a_d_p_r_i for the list of supported syslog
-                       priorities.  Negating the option or setting it to a
-                       value of nnoonnee will disable logging of successful
-                       commands.
-
-     syslog_maxlen     On many systems, syslog(3) has a relatively small log
-                       buffer.  IETF RFC 5424 states that syslog servers must
-                       support messages of at least 480 bytes and should
-                       support messages up to 2048 bytes.  By default, ssuuddooeerrss
-                       creates log messages up to 980 bytes which corresponds
-                       to the historic BSD syslog implementation which used a
-                       1024 byte buffer to store the message, date, hostname
-                       and program name.  To prevent syslog messages from
-                       being truncated, ssuuddooeerrss will split up log messages
-                       that are larger than _s_y_s_l_o_g___m_a_x_l_e_n bytes.  When a
-                       message is split, additional parts will include the
-                       string "(command continued)" after the user name and
-                       before the continued command line arguments.
-
-                       This setting is only supported by version 1.8.19 or
-                       higher.
-
      sudoers_locale    Locale to use when parsing the sudoers file, logging
                        commands, and sending email.  Note that changing the
                        locale may affect how sudoers is interpreted.  Defaults
@@ -1975,6 +1957,25 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
                    your OS supports it), aauutthh, ddaaeemmoonn, uusseerr, llooccaall00, llooccaall11,
                    llooccaall22, llooccaall33, llooccaall44, llooccaall55, llooccaall66, and llooccaall77.
 
+     syslog_badpri
+                   Syslog priority to use when the user is not allowed to run
+                   a command or when authentication is unsuccessful.  Defaults
+                   to alert.
+
+                   The following syslog priorities are supported: aalleerrtt, ccrriitt,
+                   ddeebbuugg, eemmeerrgg, eerrrr, iinnffoo, nnoottiiccee, wwaarrnniinngg, and nnoonnee.
+                   Negating the option or setting it to a value of nnoonnee will
+                   disable logging of unsuccessful commands.
+
+     syslog_goodpri
+                   Syslog priority to use when the user is allowed to run a
+                   command and authentication is successful.  Defaults to
+                   notice.
+
+                   See _s_y_s_l_o_g___b_a_d_p_r_i for the list of supported syslog
+                   priorities.  Negating the option or setting it to a value
+                   of nnoonnee will disable logging of successful commands.
+
      verifypw      This option controls when a password will be required when
                    a user runs ssuuddoo with the --vv option.  It has the following
                    possible values:
diff --git a/doc/sudoers.man.in b/doc/sudoers.man.in
index 8f827fcde..2ebed460e 100644
--- a/doc/sudoers.man.in
+++ b/doc/sudoers.man.in
@@ -3152,6 +3152,28 @@ The number of tries a user gets to enter his/her password before
 logs the failure and exits.
 The default is
 \fR@passwd_tries@\fR.
+.TP 18n
+syslog_maxlen
+On many systems,
+syslog(3)
+has a relatively small log buffer.
+IETF RFC 5424 states that syslog servers must support messages of
+at least 480 bytes and should support messages up to 2048 bytes.
+By default,
+\fBsudoers\fR
+creates log messages up to 980 bytes which corresponds to the
+historic BSD syslog implementation which used a 1024 byte buffer
+to store the message, date, hostname and program name.
+To prevent syslog messages from being truncated,
+\fBsudoers\fR
+will split up log messages that are larger than
+\fIsyslog_maxlen\fR
+bytes.
+When a message is split, additional parts will include the string
+\(Lq(command continued)\(Rq
+after the user name and before the continued command line arguments.
+.sp
+This setting is only supported by version 1.8.19 or higher.
 .PP
 \fBIntegers that can be used in a boolean context\fR:
 .TP 18n
@@ -3562,62 +3584,6 @@ option is not specified on the command line.
 This defaults to
 \fR@runas_default@\fR.
 .TP 18n
-syslog_badpri
-Syslog priority to use when the user is not allowed to run a command or
-when authentication is unsuccessful.
-Defaults to
-\fR@badpri@\fR.
-.sp
-The following syslog priorities are supported:
-\fBalert\fR,
-\fBcrit\fR,
-\fBdebug\fR,
-\fBemerg\fR,
-\fBerr\fR,
-\fBinfo\fR,
-\fBnotice\fR,
-\fBwarning\fR,
-and
-\fBnone\fR.
-Negating the option or setting it to a value of
-\fBnone\fR
-will disable logging of unsuccessful commands.
-.TP 18n
-syslog_goodpri
-Syslog priority to use when the user is allowed to run a command and
-authentication is successful.
-Defaults to
-\fR@goodpri@\fR.
-.sp
-See
-\fIsyslog_badpri\fR
-for the list of supported syslog priorities.
-Negating the option or setting it to a value of
-\fBnone\fR
-will disable logging of successful commands.
-.TP 18n
-syslog_maxlen
-On many systems,
-syslog(3)
-has a relatively small log buffer.
-IETF RFC 5424 states that syslog servers must support messages of
-at least 480 bytes and should support messages up to 2048 bytes.
-By default,
-\fBsudoers\fR
-creates log messages up to 980 bytes which corresponds to the
-historic BSD syslog implementation which used a 1024 byte buffer
-to store the message, date, hostname and program name.
-To prevent syslog messages from being truncated,
-\fBsudoers\fR
-will split up log messages that are larger than
-\fIsyslog_maxlen\fR
-bytes.
-When a message is split, additional parts will include the string
-\(Lq(command continued)\(Rq
-after the user name and before the continued command line arguments.
-.sp
-This setting is only supported by version 1.8.19 or higher.
-.TP 18n
 sudoers_locale
 Locale to use when parsing the sudoers file, logging commands, and
 sending email.
@@ -3954,6 +3920,41 @@ OS supports it),
 and
 \fBlocal7\fR.
 .TP 14n
+syslog_badpri
+.br
+Syslog priority to use when the user is not allowed to run a command or
+when authentication is unsuccessful.
+Defaults to
+\fR@badpri@\fR.
+.sp
+The following syslog priorities are supported:
+\fBalert\fR,
+\fBcrit\fR,
+\fBdebug\fR,
+\fBemerg\fR,
+\fBerr\fR,
+\fBinfo\fR,
+\fBnotice\fR,
+\fBwarning\fR,
+and
+\fBnone\fR.
+Negating the option or setting it to a value of
+\fBnone\fR
+will disable logging of unsuccessful commands.
+.TP 14n
+syslog_goodpri
+Syslog priority to use when the user is allowed to run a command and
+authentication is successful.
+Defaults to
+\fR@goodpri@\fR.
+.sp
+See
+\fIsyslog_badpri\fR
+for the list of supported syslog priorities.
+Negating the option or setting it to a value of
+\fBnone\fR
+will disable logging of successful commands.
+.TP 14n
 verifypw
 This option controls when a password will be required when a user runs
 \fBsudo\fR
diff --git a/doc/sudoers.mdoc.in b/doc/sudoers.mdoc.in
index 362e94993..f902b9d2d 100644
--- a/doc/sudoers.mdoc.in
+++ b/doc/sudoers.mdoc.in
@@ -2962,6 +2962,27 @@ The number of tries a user gets to enter his/her password before
 logs the failure and exits.
 The default is
 .Li @passwd_tries@ .
+.It syslog_maxlen
+On many systems,
+.Xr syslog 3
+has a relatively small log buffer.
+IETF RFC 5424 states that syslog servers must support messages of
+at least 480 bytes and should support messages up to 2048 bytes.
+By default,
+.Nm
+creates log messages up to 980 bytes which corresponds to the
+historic BSD syslog implementation which used a 1024 byte buffer
+to store the message, date, hostname and program name.
+To prevent syslog messages from being truncated,
+.Nm
+will split up log messages that are larger than
+.Em syslog_maxlen
+bytes.
+When a message is split, additional parts will include the string
+.Dq Pq command continued
+after the user name and before the continued command line arguments.
+.Pp
+This setting is only supported by version 1.8.19 or higher.
 .El
 .Pp
 .Sy Integers that can be used in a boolean context :
@@ -3332,59 +3353,6 @@ The default user to run commands as if the
 option is not specified on the command line.
 This defaults to
 .Li @runas_default@ .
-.It syslog_badpri
-Syslog priority to use when the user is not allowed to run a command or
-when authentication is unsuccessful.
-Defaults to
-.Li @badpri@ .
-.Pp
-The following syslog priorities are supported:
-.Sy alert ,
-.Sy crit ,
-.Sy debug ,
-.Sy emerg ,
-.Sy err ,
-.Sy info ,
-.Sy notice ,
-.Sy warning ,
-and
-.Sy none .
-Negating the option or setting it to a value of
-.Sy none
-will disable logging of unsuccessful commands.
-.It syslog_goodpri
-Syslog priority to use when the user is allowed to run a command and
-authentication is successful.
-Defaults to
-.Li @goodpri@ .
-.Pp
-See
-.Em syslog_badpri
-for the list of supported syslog priorities.
-Negating the option or setting it to a value of
-.Sy none
-will disable logging of successful commands.
-.It syslog_maxlen
-On many systems,
-.Xr syslog 3
-has a relatively small log buffer.
-IETF RFC 5424 states that syslog servers must support messages of
-at least 480 bytes and should support messages up to 2048 bytes.
-By default,
-.Nm
-creates log messages up to 980 bytes which corresponds to the
-historic BSD syslog implementation which used a 1024 byte buffer
-to store the message, date, hostname and program name.
-To prevent syslog messages from being truncated,
-.Nm
-will split up log messages that are larger than
-.Em syslog_maxlen
-bytes.
-When a message is split, additional parts will include the string
-.Dq Pq command continued
-after the user name and before the continued command line arguments.
-.Pp
-This setting is only supported by version 1.8.19 or higher.
 .It sudoers_locale
 Locale to use when parsing the sudoers file, logging commands, and
 sending email.
@@ -3685,6 +3653,38 @@ OS supports it),
 .Sy local6 ,
 and
 .Sy local7 .
+.It syslog_badpri
+Syslog priority to use when the user is not allowed to run a command or
+when authentication is unsuccessful.
+Defaults to
+.Li @badpri@ .
+.Pp
+The following syslog priorities are supported:
+.Sy alert ,
+.Sy crit ,
+.Sy debug ,
+.Sy emerg ,
+.Sy err ,
+.Sy info ,
+.Sy notice ,
+.Sy warning ,
+and
+.Sy none .
+Negating the option or setting it to a value of
+.Sy none
+will disable logging of unsuccessful commands.
+.It syslog_goodpri
+Syslog priority to use when the user is allowed to run a command and
+authentication is successful.
+Defaults to
+.Li @goodpri@ .
+.Pp
+See
+.Em syslog_badpri
+for the list of supported syslog priorities.
+Negating the option or setting it to a value of
+.Sy none
+will disable logging of successful commands.
 .It verifypw
 This option controls when a password will be required when a user runs
 .Nm sudo