From 272a9c8e9b5b74ddce0e945689c46d1384be0db6 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Mon, 27 Mar 2017 11:10:18 -0600
Subject: [PATCH] Document that commands matched by "sudo ALL" are not affected
 by fdexec.

---
 doc/sudoers.cat     | 6 +++++-
 doc/sudoers.man.in  | 9 ++++++++-
 doc/sudoers.mdoc.in | 9 ++++++++-
 3 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/doc/sudoers.cat b/doc/sudoers.cat
index b2101c882..5b77e438e 100644
--- a/doc/sudoers.cat
+++ b/doc/sudoers.cat
@@ -1852,6 +1852,10 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
                    A workaround is to use the SUDO_COMMAND environment
                    variable instead.
 
+                   The _f_d_e_x_e_c setting is only used when the command is matched
+                   by path name.  It has no effect if the command is matched
+                   by the built-in AALLLL alias.
+
                    This setting is only supported by version 1.8.20 or higher.
                    If the operating system does not support the fexecve(2)
                    system call, this setting has no effect.
@@ -2792,4 +2796,4 @@ DDIISSCCLLAAIIMMEERR
      file distributed with ssuuddoo or https://www.sudo.ws/license.html for
      complete details.
 
-Sudo 1.8.20                     March 22, 2017                     Sudo 1.8.20
+Sudo 1.8.20                     March 27, 2017                     Sudo 1.8.20
diff --git a/doc/sudoers.man.in b/doc/sudoers.man.in
index db3b473a4..0716489a6 100644
--- a/doc/sudoers.man.in
+++ b/doc/sudoers.man.in
@@ -21,7 +21,7 @@
 .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
 .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
 .\"
-.TH "SUDOERS" "5" "March 22, 2017" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
+.TH "SUDOERS" "5" "March 27, 2017" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
 .nh
 .if n .ad l
 .SH "NAME"
@@ -3700,6 +3700,13 @@ A workaround is to use the
 \fRSUDO_COMMAND\fR
 environment variable instead.
 .sp
+The
+\fIfdexec\fR
+setting is only used when the command is matched by path name.
+It has no effect if the command is matched by the built-in
+\fBALL\fR
+alias.
+.sp
 This setting is only supported by version 1.8.20 or higher.
 If the operating system does not support the
 fexecve(2)
diff --git a/doc/sudoers.mdoc.in b/doc/sudoers.mdoc.in
index 4b51c486e..c7748c311 100644
--- a/doc/sudoers.mdoc.in
+++ b/doc/sudoers.mdoc.in
@@ -19,7 +19,7 @@
 .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
 .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
 .\"
-.Dd March 22, 2017
+.Dd March 27, 2017
 .Dt SUDOERS @mansectform@
 .Os Sudo @PACKAGE_VERSION@
 .Sh NAME
@@ -3457,6 +3457,13 @@ A workaround is to use the
 .Dv SUDO_COMMAND
 environment variable instead.
 .Pp
+The
+.Em fdexec
+setting is only used when the command is matched by path name.
+It has no effect if the command is matched by the built-in
+.Sy ALL
+alias.
+.Pp
 This setting is only supported by version 1.8.20 or higher.
 If the operating system does not support the
 .Xr fexecve 2
-- 
2.40.0