diff -up sudo-1.8.6p3/doc/sudoers.cat.orig sudo-1.8.6p3/doc/sudoers.cat
--- sudo-1.8.6p3/doc/sudoers.cat.orig 2012-09-18 15:57:43.000000000 +0200
+++ sudo-1.8.6p3/doc/sudoers.cat 2013-07-10 14:57:53.791093835 +0200
@@ -668,11 +668,24 @@ S�SU�UD�DO�OE�ER�RS�S F�FI�IL�LE�E F�FO�
since in a command context, it allows the user to run a�an�ny�y command on the
system.
- An exclamation point (`!') can be used as a logical _�n_�o_�t operator both in
- an _�a_�l_�i_�a_�s and in front of a Cmnd. This allows one to exclude certain
- values. Note, however, that using a `!' in conjunction with the built-in
- A�AL�LL�L alias to allow a user to run ``all but a few'' commands rarely works
- as intended (see _�S_�E_�C_�U_�R_�I_�T_�Y _�N_�O_�T_�E_�S below).
+ An exclamation point (`!') can be used as a logical _�n_�o_�t operator in a
+ list or _�a_�l_�i_�a_�s as well as in front of a Cmnd. This allows one to exclude
+ certain values. For the `!' operator to be effective, there must be
+ something for it to exclude. For example, to match all users except for
+ root one would use:
+
+ ALL,!root
+
+ If the A�AL�LL�L, is omitted, as in:
+
+ !root
+
+ it would explicitly deny root but not match any other users. This is
+ different from a true ``negation'' operator.
+
+ Note, however, that using a `!' in conjunction with the built-in A�AL�LL�L
+ alias to allow a user to run ``all but a few'' commands rarely works as
+ intended (see _�S_�E_�C_�U_�R_�I_�T_�Y _�N_�O_�T_�E_�S below).
Long lines can be continued with a backslash (`\') as the last character
on the line.
diff -up sudo-1.8.6p3/doc/sudoers.man.in.orig sudo-1.8.6p3/doc/sudoers.man.in
--- sudo-1.8.6p3/doc/sudoers.man.in.orig 2013-07-10 13:00:20.987336061 +0200
+++ sudo-1.8.6p3/doc/sudoers.man.in 2013-07-10 14:57:53.792093837 +0200
@@ -1490,11 +1490,37 @@ An exclamation point
(`\&!')
can be used as a logical
\fInot\fR
-operator both in an
+operator in a list or
\fIalias\fR
-and in front of a
+as well as in front of a
\fRCmnd\fR.
This allows one to exclude certain values.
+For the
+`\&!'
+operator to be effective, there must be something for it to exclude.
+For example, to match all users except for root one would use:
+.nf
+.sp
+.RS 4n
+ALL,!root
+.RE
+.fi
+.PP
+If the
+\fBALL\fR,
+is omitted, as in:
+.nf
+.sp
+.RS 4n
+!root
+.RE
+.fi
+.PP
+it would explicitly deny root but not match any other users.
+This is different from a true
+``negation''
+operator.
+.PP
Note, however, that using a
`\&!'
in conjunction with the built-in
diff -up sudo-1.8.6p3/doc/sudoers.mdoc.in.orig sudo-1.8.6p3/doc/sudoers.mdoc.in
--- sudo-1.8.6p3/doc/sudoers.mdoc.in.orig 2012-09-18 15:57:43.000000000 +0200
+++ sudo-1.8.6p3/doc/sudoers.mdoc.in 2013-07-10 14:57:53.793093839 +0200
@@ -1393,11 +1393,31 @@ An exclamation point
.Pq Ql \&!
can be used as a logical
.Em not
-operator both in an
+operator in a list or
.Em alias
-and in front of a
+as well as in front of a
.Li Cmnd .
This allows one to exclude certain values.
+For the
+.Ql \&!
+operator to be effective, there must be something for it to exclude.
+For example, to match all users except for root one would use:
+.Bd -literal -offset 4n
+ALL,!root
+.Ed
+.Pp
+If the
+.Sy ALL ,
+is omitted, as in:
+.Bd -literal -offset 4n
+!root
+.Ed
+.Pp
+it would explicitly deny root but not match any other users.
+This is different from a true
+.Dq negation
+operator.
+.Pp
Note, however, that using a
.Ql \&!
in conjunction with the built-in