Add syslog_pid sudoers option to log sudo's process ID when logging

via syslog.  This is disabled by default to match historic behavior.

doc/sudoers.cat

@@ -1420,6 +1420,12 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
                        This setting is only supported by version 1.8.15 or
                        higher.
 
+     syslog_pid        When logging via syslog(3), include the process ID in
+                       the log entry.  This flag is _o_f_f by default.
+
+                       This setting is only supported by version 1.8.21 or
+                       higher.
+
      targetpw          If set, ssuuddoo will prompt for the password of the user
                        specified by the --uu option (defaults to root) instead
                        of the password of the invoking user when running a
@@ -2817,4 +2823,4 @@ DDIISSCCLLAAIIMMEERR
      file distributed with ssuuddoo or https://www.sudo.ws/license.html for
      complete details.
 
-Sudo 1.8.21                      June 3, 2017                      Sudo 1.8.21
+Sudo 1.8.21                      July 20, 2017                     Sudo 1.8.21

doc/sudoers.man.in

@@ -21,7 +21,7 @@
 .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
 .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
 .\"
-.TH "SUDOERS" "5" "June 3, 2017" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
+.TH "SUDOERS" "5" "July 20, 2017" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
 .nh
 .if n .ad l
 .SH "NAME"
@@ -2977,6 +2977,16 @@ by default.
 .sp
 This setting is only supported by version 1.8.15 or higher.
 .TP 18n
+syslog_pid
+When logging via
+syslog(3),
+include the process ID in the log entry.
+This flag is
+\fIoff\fR
+by default.
+.sp
+This setting is only supported by version 1.8.21 or higher.
+.TP 18n
 targetpw
 If set,
 \fBsudo\fR

doc/sudoers.mdoc.in

@@ -19,7 +19,7 @@
 .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
 .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
 .\"
-.Dd June 3, 2017
+.Dd July 20, 2017
 .Dt SUDOERS @mansectform@
 .Os Sudo @PACKAGE_VERSION@
 .Sh NAME
@@ -2797,6 +2797,15 @@ This flag is
 by default.
 .Pp
 This setting is only supported by version 1.8.15 or higher.
+.It syslog_pid
+When logging via
+.Xr syslog 3 ,
+include the process ID in the log entry.
+This flag is
+.Em off
+by default.
+.Pp
+This setting is only supported by version 1.8.21 or higher.
 .It targetpw
 If set,
 .Nm sudo

plugins/sudoers/def_data.c

@@ -465,6 +465,10 @@ struct sudo_defs_types sudo_defs_table[] = {
 	"iolog_flush", T_FLAG,
 	N_("Flush I/O log data to disk immediately instead of buffering it"),
 	NULL,
+    }, {
+	"syslog_pid", T_FLAG,
+	N_("Include the process ID when logging via syslog"),
+	NULL,
     }, {
 	NULL, 0, NULL
     }

plugins/sudoers/def_data.h

@@ -216,6 +216,8 @@
 #define def_user_command_timeouts (sudo_defs_table[I_USER_COMMAND_TIMEOUTS].sd_un.flag)
 #define I_IOLOG_FLUSH           108
 #define def_iolog_flush         (sudo_defs_table[I_IOLOG_FLUSH].sd_un.flag)
+#define I_SYSLOG_PID            109
+#define def_syslog_pid          (sudo_defs_table[I_SYSLOG_PID].sd_un.flag)
 
 enum def_tuple {
 	never,

plugins/sudoers/def_data.in

@@ -341,3 +341,6 @@ user_command_timeouts
 iolog_flush
 	T_FLAG
 	"Flush I/O log data to disk immediately instead of buffering it"
+syslog_pid
+	T_FLAG
+	"Include the process ID when logging via syslog"

plugins/sudoers/logging.c

@@ -70,10 +70,11 @@ static char *new_logline(const char *, int);
 static void
 mysyslog(int pri, const char *fmt, ...)
 {
+    const int flags = def_syslog_pid ? LOG_PID : 0;
     va_list ap;
     debug_decl(mysyslog, SUDOERS_DEBUG_LOGGING)
 
-    openlog("sudo", 0, def_syslog);
+    openlog("sudo", flags, def_syslog);
     va_start(ap, fmt);
     vsyslog(pri, fmt, ap);
     va_end(ap);