diff --git a/plugins/sudoers/auth/sudo_auth.c b/plugins/sudoers/auth/sudo_auth.c
index 3d5a32258..d73a5e265 100644
--- a/plugins/sudoers/auth/sudo_auth.c
+++ b/plugins/sudoers/auth/sudo_auth.c
@@ -183,7 +183,7 @@ sudo_auth_cleanup(struct passwd *pw)
 int
 verify_user(struct passwd *pw, char *prompt, int validated)
 {
-    int counter = def_passwd_tries + 1;
+    unsigned int counter = def_passwd_tries + 1;
     int success = AUTH_FAILURE;
     int status, rval;
     char *p;
diff --git a/plugins/sudoers/def_data.c b/plugins/sudoers/def_data.c
index 4fade6229..29f8aeac6 100644
--- a/plugins/sudoers/def_data.c
+++ b/plugins/sudoers/def_data.c
@@ -152,7 +152,7 @@ struct sudo_defs_types sudo_defs_table[] = {
 	NULL,
     }, {
 	"loglinelen", T_UINT|T_BOOL,
-	N_("Length at which to wrap log file lines (0 for no wrap): %d"),
+	N_("Length at which to wrap log file lines (0 for no wrap): %u"),
 	NULL,
     }, {
 	"timestamp_timeout", T_FLOAT|T_BOOL,
@@ -164,7 +164,7 @@ struct sudo_defs_types sudo_defs_table[] = {
 	NULL,
     }, {
 	"passwd_tries", T_UINT,
-	N_("Number of tries to enter a password: %d"),
+	N_("Number of tries to enter a password: %u"),
 	NULL,
     }, {
 	"umask", T_MODE|T_BOOL,
@@ -372,7 +372,7 @@ struct sudo_defs_types sudo_defs_table[] = {
 	NULL,
     }, {
 	"maxseq", T_UINT,
-	N_("Maximum I/O log sequence number"),
+	N_("Maximum I/O log sequence number: %u"),
 	NULL,
     }, {
 	NULL, 0, NULL
diff --git a/plugins/sudoers/def_data.h b/plugins/sudoers/def_data.h
index 3ee8f3e26..0dbbc9290 100644
--- a/plugins/sudoers/def_data.h
+++ b/plugins/sudoers/def_data.h
@@ -62,13 +62,13 @@
 #define I_STAY_SETUID           30
 #define def_preserve_groups     (sudo_defs_table[31].sd_un.flag)
 #define I_PRESERVE_GROUPS       31
-#define def_loglinelen          (sudo_defs_table[32].sd_un.ival)
+#define def_loglinelen          (sudo_defs_table[32].sd_un.uival)
 #define I_LOGLINELEN            32
 #define def_timestamp_timeout   (sudo_defs_table[33].sd_un.fval)
 #define I_TIMESTAMP_TIMEOUT     33
 #define def_passwd_timeout      (sudo_defs_table[34].sd_un.fval)
 #define I_PASSWD_TIMEOUT        34
-#define def_passwd_tries        (sudo_defs_table[35].sd_un.ival)
+#define def_passwd_tries        (sudo_defs_table[35].sd_un.uival)
 #define I_PASSWD_TRIES          35
 #define def_umask               (sudo_defs_table[36].sd_un.mode)
 #define I_UMASK                 36
@@ -172,7 +172,7 @@
 #define I_PAM_SETCRED           85
 #define def_pam_session         (sudo_defs_table[86].sd_un.flag)
 #define I_PAM_SESSION           86
-#define def_maxseq              (sudo_defs_table[87].sd_un.ival)
+#define def_maxseq              (sudo_defs_table[87].sd_un.uival)
 #define I_MAXSEQ                87
 
 enum def_tuple {
diff --git a/plugins/sudoers/def_data.in b/plugins/sudoers/def_data.in
index 211c86c17..dd3680546 100644
--- a/plugins/sudoers/def_data.in
+++ b/plugins/sudoers/def_data.in
@@ -109,7 +109,7 @@ preserve_groups
 	"Don't initialize the group vector to that of the target user"
 loglinelen
 	T_UINT|T_BOOL
-	"Length at which to wrap log file lines (0 for no wrap): %d"
+	"Length at which to wrap log file lines (0 for no wrap): %u"
 timestamp_timeout
 	T_FLOAT|T_BOOL
 	"Authentication timestamp timeout: %.1f minutes"
@@ -118,7 +118,7 @@ passwd_timeout
 	"Password prompt timeout: %.1f minutes"
 passwd_tries
 	T_UINT
-	"Number of tries to enter a password: %d"
+	"Number of tries to enter a password: %u"
 umask
 	T_MODE|T_BOOL
 	"Umask to use or 0777 to use user's: 0%o"
@@ -276,4 +276,4 @@ pam_session
 	"Create a new PAM session for the command to run in"
 maxseq
 	T_UINT
-	"Maximum I/O log sequence number"
+	"Maximum I/O log sequence number: %u"
diff --git a/plugins/sudoers/defaults.c b/plugins/sudoers/defaults.c
index 28cd61658..d377dfee1 100644
--- a/plugins/sudoers/defaults.c
+++ b/plugins/sudoers/defaults.c
@@ -148,11 +148,14 @@ dump_defaults(void)
 			sudo_printf(SUDO_CONV_INFO_MSG, "\n");
 		    }
 		    break;
-		case T_UINT:
 		case T_INT:
 		    sudo_printf(SUDO_CONV_INFO_MSG, desc, cur->sd_un.ival);
 		    sudo_printf(SUDO_CONV_INFO_MSG, "\n");
 		    break;
+		case T_UINT:
+		    sudo_printf(SUDO_CONV_INFO_MSG, desc, cur->sd_un.uival);
+		    sudo_printf(SUDO_CONV_INFO_MSG, "\n");
+		    break;
 		case T_FLOAT:
 		    sudo_printf(SUDO_CONV_INFO_MSG, desc, cur->sd_un.fval);
 		    sudo_printf(SUDO_CONV_INFO_MSG, "\n");
@@ -628,7 +631,7 @@ store_uint(char *val, struct sudo_defs_types *def, int op)
     debug_decl(store_uint, SUDO_DEBUG_DEFAULTS)
 
     if (op == false) {
-	def->sd_un.ival = 0;
+	def->sd_un.uival = 0;
     } else {
 	u = strtonum(val, 0, UINT_MAX, &errstr);
 	if (errstr != NULL) {
@@ -636,8 +639,7 @@ store_uint(char *val, struct sudo_defs_types *def, int op)
 		"%s: %s", val, errstr);
 	    debug_return_bool(false);
 	}
-	/* XXX - should have uival */
-	def->sd_un.ival = u;
+	def->sd_un.uival = u;
     }
     if (def->callback)
 	debug_return_bool(def->callback(val));
diff --git a/plugins/sudoers/defaults.h b/plugins/sudoers/defaults.h
index 2d8b5ce53..ed652c227 100644
--- a/plugins/sudoers/defaults.h
+++ b/plugins/sudoers/defaults.h
@@ -55,6 +55,7 @@ struct sudo_defs_types {
     union {
 	int flag;
 	int ival;
+	unsigned int uival;
 	double fval;
 	enum def_tuple tuple;
 	char *str;
diff --git a/plugins/sudoers/logging.c b/plugins/sudoers/logging.c
index 007127e93..c6b533ece 100644
--- a/plugins/sudoers/logging.c
+++ b/plugins/sudoers/logging.c
@@ -344,7 +344,7 @@ log_failure(int status, int flags)
  * Log and audit that user was not able to authenticate themselves.
  */
 void
-log_auth_failure(int status, int tries)
+log_auth_failure(int status, unsigned int tries)
 {
     int flags = NO_MAIL;
     debug_decl(log_auth_failure, SUDO_DEBUG_LOGGING)
@@ -439,9 +439,9 @@ vlog_warning(int flags, const char *fmt, va_list ap)
 
     /* Expand printf-style format + args (with a special case). */
     if (fmt == INCORRECT_PASSWORD_ATTEMPT) {
-	int tries = va_arg(ap, int);
-	easprintf(&message, ngettext("%d incorrect password attempt",
-	    "%d incorrect password attempts", tries), tries);
+	unsigned int tries = va_arg(ap, unsigned int);
+	easprintf(&message, ngettext("%u incorrect password attempt",
+	    "%u incorrect password attempts", tries), tries);
     } else {
 	evasprintf(&message, _(fmt), ap);
     }
@@ -493,9 +493,9 @@ vlog_warning(int flags, const char *fmt, va_list ap)
     if (!ISSET(flags, NO_STDERR)) {
 	sudoers_setlocale(SUDOERS_LOCALE_USER, &oldlocale);
 	if (fmt == INCORRECT_PASSWORD_ATTEMPT) {
-	    int tries = va_arg(ap2, int);
-	    warningx_nodebug(ngettext("%d incorrect password attempt",
-		"%d incorrect password attempts", tries), tries);
+	    unsigned int tries = va_arg(ap2, unsigned int);
+	    warningx_nodebug(ngettext("%u incorrect password attempt",
+		"%u incorrect password attempts", tries), tries);
 	} else {
 	    if (ISSET(flags, USE_ERRNO))
 		vwarning_nodebug(_(fmt), ap2);
diff --git a/plugins/sudoers/logging.h b/plugins/sudoers/logging.h
index 5ecb2c16f..aa3b9acad 100644
--- a/plugins/sudoers/logging.h
+++ b/plugins/sudoers/logging.h
@@ -63,7 +63,7 @@ int sudoers_getlocale(void);
 void audit_success(char *exec_args[]);
 void audit_failure(char *exec_args[], char const *const fmt, ...) __printflike(2, 3);
 void log_allowed(int status);
-void log_auth_failure(int status, int tries);
+void log_auth_failure(int status, unsigned int tries);
 void log_denial(int status, bool inform_user);
 void log_failure(int status, int flags);
 void log_warning(int flags, const char *fmt, ...) __printflike(2, 3);
diff --git a/plugins/sudoers/mkdefaults b/plugins/sudoers/mkdefaults
index 427cff754..72f56a333 100755
--- a/plugins/sudoers/mkdefaults
+++ b/plugins/sudoers/mkdefaults
@@ -125,7 +125,8 @@ sub print_record {
     my ($i, $v, $defname);
     # each variable gets a macro to access its value
     for ($rec->[1]) {
-	if    (/^T_U?INT/)  { $v = "ival"; }
+	if    (/^T_INT/)    { $v = "ival"; }
+	elsif (/^T_UINT/)   { $v = "uival"; }
 	elsif (/^T_STR/)    { $v = "str"; }
 	elsif (/^T_FLAG/)   { $v = "flag"; }
 	elsif (/^T_MODE/)   { $v = "mode"; }