Skip to content

Commit 676bc4c

Browse files
millertmillert
committed
The TLS listener is enabled by default if a TLS cert is specified.
Or if the default TLS cert path exists.
1 parent 3d7755d commit 676bc4c

File tree

2 files changed

+16
-8
lines changed

2 files changed

+16
-8
lines changed

docs/sudo_logsrvd.conf.man.in

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@
1616
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1717
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
1818
.\"
19-
.TH "SUDO_LOGSRVD.CONF" "@mansectform@" "November 7, 2025" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
19+
.TH "SUDO_LOGSRVD.CONF" "@mansectform@" "November 29, 2025" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
2020
.nh
2121
.if n .ad l
2222
.SH "NAME"
@@ -119,8 +119,12 @@ lines may be specified to listen on more than one port or address.
119119
.sp
120120
The default value for
121121
\fIlisten_address\fR
122-
depends on whether or not TLS has been configured.
123-
If any of the TLS options have been enabled, the default is:
122+
depends on whether or not TLS is enabled.
123+
If the
124+
\fItls_cert\fR
125+
setting has been enabled, or if the default TLS certificate
126+
(\fI/etc/ssl/sudo/certs/logsrvd_cert.pem\fR)
127+
is present, the default value is:
124128
.nf
125129
.sp
126130
.RS 12n
@@ -129,7 +133,7 @@ listen_address = *:30344(tls)
129133
.fi
130134
.RS 6n
131135
.sp
132-
Otherwise, the plaintext listener is enabled by default:
136+
Otherwise, the default is to use the plaintext listener:
133137
.nf
134138
.sp
135139
.RS 12n

docs/sudo_logsrvd.conf.mdoc.in

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@
1515
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1616
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
1717
.\"
18-
.Dd November 7, 2025
18+
.Dd November 29, 2025
1919
.Dt SUDO_LOGSRVD.CONF @mansectform@
2020
.Os Sudo @PACKAGE_VERSION@
2121
.Sh NAME
@@ -110,13 +110,17 @@ lines may be specified to listen on more than one port or address.
110110
.Pp
111111
The default value for
112112
.Em listen_address
113-
depends on whether or not TLS has been configured.
114-
If any of the TLS options have been enabled, the default is:
113+
depends on whether or not TLS is enabled.
114+
If the
115+
.Em tls_cert
116+
setting has been enabled, or if the default TLS certificate
117+
.Pq Pa /etc/ssl/sudo/certs/logsrvd_cert.pem
118+
is present, the default value is:
115119
.Bd -literal -offset indent
116120
listen_address = *:30344(tls)
117121
.Ed
118122
.Pp
119-
Otherwise, the plaintext listener is enabled by default:
123+
Otherwise, the default is to use the plaintext listener:
120124
.Bd -literal -offset indent
121125
listen_address = *:30343
122126
.Ed

0 commit comments

Comments
 (0)