Document that sudoers will re-use existing I/O log paths unless

they are mktemp-style with trailing X's.
2025-08-22 01:49:11 +00:00 · 2013-04-25 15:11:06 -04:00 · 2013-04-25 15:11:06 -04:00 · 7c9aaa2f2f
commit 7c9aaa2f2f
parent fa6c857112
3 changed files with 48 additions and 0 deletions
--- a/doc/sudoers.cat
+++ b/doc/sudoers.cat
@ -1337,6 +1337,11 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
                       unique combination of digits and letters, similar to
                       the mktemp(3) function.

+                       If the path created by concatenating _i_o_l_o_g___d_i_r and
+                       _i_o_l_o_g___f_i_l_e already exists, the existing I/O log file
+                       will be truncated and overwritten unless _i_o_l_o_g___f_i_l_e
+                       ends in six or more Xs.
+
     limitprivs        The default Solaris limit privileges to use when
                       constructing a new privilege set for a command.  This
                       bounds all privileges of the executing process.  The
@ -1358,6 +1363,11 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
                       truncated to 2176782336.  The default value is
                       2176782336.

+                       Once the local sequence number reaches the value of
+                       _m_a_x_s_e_q, it will ``roll over'' to zero, after which
+                       ssuuddooeerrss will truncate and re-use any existing I/O log
+                       pathnames.
+
                       This setting is only supported by version 1.8.7 or
                       higher.

--- a/doc/sudoers.man.in
+++ b/doc/sudoers.man.in
@ -2782,6 +2782,17 @@ will have the
 replaced with a unique combination of digits and letters, similar to the
 mktemp(3)
 function.
+.sp
+If the path created by concatenating
+\fIiolog_dir\fR
+and
+\fIiolog_file\fR
+already exists, the existing I/O log file will be truncated and
+overwritten unless
+\fIiolog_file\fR
+ends in six or
+more
+\fRX\fRs.
 .PD
 .TP 18n
 limitprivs
@ -2821,6 +2832,14 @@ base 36 sequence number
 will be silently truncated to 2176782336.
 The default value is 2176782336.
 .sp
+Once the local sequence number reaches the value of
+\fImaxseq\fR,
+it will
+``roll over''
+to zero, after which
+\fBsudoers\fR
+will truncate and re-use any existing I/O log pathnames.
+.sp
 This setting is only supported by version 1.8.7 or higher.
 .TP 18n
 noexec_file
--- a/doc/sudoers.mdoc.in
+++ b/doc/sudoers.mdoc.in
@ -2598,6 +2598,17 @@ will have the
 replaced with a unique combination of digits and letters, similar to the
 .Xr mktemp 3
 function.
+.Pp
+If the path created by concatenating
+.Em iolog_dir
+and
+.Em iolog_file
+already exists, the existing I/O log file will be truncated and
+overwritten unless
+.Em iolog_file
+ends in six or
+more
+.Li X Ns No s .
 .It limitprivs
 The default Solaris limit privileges to use when constructing a new
 privilege set for a command.
@ -2633,6 +2644,14 @@ base 36 sequence number
 will be silently truncated to 2176782336.
 The default value is 2176782336.
 .Pp
+Once the local sequence number reaches the value of
+.Em maxseq ,
+it will
+.Dq roll over
+to zero, after which
+.Nm sudoers
+will truncate and re-use any existing I/O log pathnames.
+.Pp
 This setting is only supported by version 1.8.7 or higher.
 .It noexec_file
 As of