Document noexec in sample.sudo.conf and add back noexec_file section

in sudoers with a note that it is deprecated.

doc/sample.sudo.conf

@@ -3,7 +3,8 @@
 #
 # Format:
 #   Plugin plugin_name plugin_path
-#   Path askpass askpass_path
+#   Path askpass /path/to/askpass
+#   Path noexec /path/to/noexec.so
 #
 # Sudo plugins:
 #
@@ -27,3 +28,15 @@ Plugin sudoers_io sudoers.so
 #
 # Use the Gnome OpenSSH askpass
 #Path askpass /usr/libexec/openssh/gnome-ssh-askpass
+
+#
+# Sudo noexec:
+#
+# Path to a shared library containing dummy versions of the execv(),
+# execve() and fexecve() library functions that just return an error.
+# This is used to implement the "noexec" functionality on systems that
+# support C<LD_PRELOAD> or its equivalent.
+# The compiled-in value is usually sufficient and should only be changed
+# if you rename or move the sudo_noexec.so file.
+#
+#Path noexec /usr/libexec/sudo_noexec.so

doc/sudo.pod

@@ -428,8 +428,8 @@ which corresponds to the following F<@sysconfdir@/sudo.conf> file.
  #
  # Format:
  #   Plugin plugin_name plugin_path
- #   Path askpass path/to/askpass
- #   Path noexec path/to/noexec
+ #   Path askpass /path/to/askpass
+ #   Path noexec /path/to/noexec.so
  #
  # The plugin_path is relative to @prefix@/libexec unless
  #   fully qualified.

doc/sudoers.pod

@@ -1215,6 +1215,12 @@ Subject of the mail sent to the I<mailto> user. The escape C<%h>
 will expand to the host name of the machine.
 Default is C<@mailsub@>.
 
+=item noexec_file
+
+This option is deprecated and will be removed in a future release
+of B<sudo>.  The path to the noexec file should now be set in the
+F<@sysconfdir@/sudo.conf> file.
+
 =item passprompt
 
 The default prompt to use when asking for a password; can be overridden