Index: head/security/sudo/Makefile
===================================================================
--- head/security/sudo/Makefile	(revision 539615)
+++ head/security/sudo/Makefile	(revision 539616)
@@ -1,118 +1,128 @@
 # Created by: erich@rrnet.com
 # $FreeBSD$
 
 PORTNAME=	sudo
-PORTVERSION=	1.8.31p1
+PORTVERSION=	1.9.1
 CATEGORIES=	security
 MASTER_SITES=	SUDO
 
 MAINTAINER=	garga@FreeBSD.org
 COMMENT=	Allow others to run commands as root
 
 LICENSE=	sudo
 LICENSE_NAME=	Sudo license
 LICENSE_FILE=	${WRKSRC}/doc/LICENSE
 LICENSE_PERMS=	dist-mirror dist-sell pkg-mirror pkg-sell auto-accept
 
 USES=		cpe libtool
 CPE_VENDOR=	todd_miller
 USE_LDCONFIG=	yes
 GNU_CONFIGURE=	yes
 LDFLAGS+=	-lgcc
 
 CONFIGURE_ARGS=	--sysconfdir=${PREFIX}/etc \
 		--with-ignore-dot \
 		--with-tty-tickets \
 		--with-env-editor \
 		--with-logincap \
 		--with-long-otp-prompt \
 		--with-rundir=/var/run/sudo
 
 OPTIONS_DEFINE=	LDAP INSULTS DISABLE_ROOT_SUDO DISABLE_AUTH NOARGS_SHELL \
-		AUDIT OPIE PAM NLS SSSD DOCS EXAMPLES
+		AUDIT OPIE PAM PYTHON NLS SSSD DOCS EXAMPLES
 OPTIONS_RADIO=	KERBEROS
 OPTIONS_DEFAULT=	AUDIT PAM
 OPTIONS_SUB=	yes
 
 INSULTS_DESC=	Enable insults on failures
 DISABLE_ROOT_SUDO_DESC=	Do not allow root to run sudo
 DISABLE_AUTH_DESC=	Do not require authentication by default
 NOARGS_SHELL_DESC=	Run a shell if no arguments are given
 AUDIT_DESC=	Enable BSM audit support
 KERBEROS_DESC=	Enable Kerberos 5 authentication (no PAM support)
 OPIE_DESC=	Enable one-time passwords (no PAM support)
+PYTHON_DESC=	Enable python plugin support
 SSSD_DESC=	Enable SSSD backend support.
 
 PAM_PREVENTS=	OPIE GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
 PAM_PREVENTS_MSG=	PAM cannot be combined with any other authentication plugin
 
 LOGFAC?=	authpriv
 CONFIGURE_ARGS+=	--with-logfac=${LOGFAC}
 
 # This is intentionally not an option.
 # SUDO_SECURE_PATH is a PATH string that will override the user's PATH.
 # ex: make SUDO_SECURE_PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin"
 .if defined(SUDO_SECURE_PATH)
 CONFIGURE_ARGS+=	--with-secure-path="${SUDO_SECURE_PATH}"
 .endif
 
 NLS_USES=	gettext
 NLS_CONFIGURE_ENABLE=	nls
 NLS_LDFLAGS=	-L${LOCALBASE}/lib -lintl
 NLS_CFLAGS=	-I${LOCALBASE}/include
 
 INSULTS_CONFIGURE_ON=	--with-insults
 INSULTS_CONFIGURE_ON+=	--with-all-insults
 
 LDAP_USE=	OPENLDAP=yes
 LDAP_CONFIGURE_ON=	--with-ldap=${PREFIX}
 SUDO_LDAP_CONF?=	ldap.conf
 LDAP_CONFIGURE_ON+=	--with-ldap-conf-file=${PREFIX}/etc/${SUDO_LDAP_CONF}
 
 DISABLE_ROOT_SUDO_CONFIGURE_ON=	--disable-root-sudo
 DISABLE_AUTH_CONFIGURE_ON=	--disable-authentication
 NOARGS_SHELL_CONFIGURE_ENABLE=	noargs-shell
 AUDIT_CONFIGURE_WITH=	bsm-audit
 PAM_CONFIGURE_ON=	--with-pam
 OPIE_CONFIGURE_ON=	--with-opie
+PYTHON_USES=	python
+PYTHON_CONFIGURE_ENABLE=	python
 SSSD_CONFIGURE_ON=	--with-sssd
 SSSD_RUN_DEPENDS=	sssd:security/sssd
 
 OPTIONS_RADIO_KERBEROS=	GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
 GSSAPI_BASE_USES=	gssapi
 GSSAPI_BASE_CONFIGURE_ON=	--with-kerb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS}
 GSSAPI_HEIMDAL_USES=	gssapi:heimdal
 GSSAPI_HEIMDAL_CONFIGURE_ON=	--with-kerb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS}
 GSSAPI_MIT_USES=	gssapi:mit
 GSSAPI_MIT_CONFIGURE_ON=	--with-kerb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS}
 # This is intentionally not an option.
 # SUDO_KERB5_INSTANCE is an optional instance string that will be appended to kerberos
 # principals when to perform authentication. Common choices are "admin" and "sudo".
 .if defined(SUDO_KERB5_INSTANCE)
 CONFIGURE_ARGS+=	--enable-kerb5-instance="${SUDO_KERB5_INSTANCE}"
 .endif
 
 .include <bsd.port.options.mk>
 
 .if ${ARCH} == "arm"
 CONFIGURE_ARGS+=	--disable-pie
 .endif
 
 post-patch:
 	@${REINPLACE_CMD} -E '/install-(binaries|noexec):/,/^$$/ \
 		s/\$$\(INSTALL\)/& ${STRIP}/;s/-b\~/-b ~/' \
 		${WRKSRC}/src/Makefile.in
 	@${REINPLACE_CMD} -e 's,$$(srcdir)/sudoers2ldif $$(DESTDIR)$$(docdir),$$(srcdir)/sudoers2ldif $$(DESTDIR)$$(bindir),' \
 		${WRKSRC}/plugins/sudoers/Makefile.in
 
 post-install:
 	${INSTALL_DATA} ${FILESDIR}/pam.conf ${STAGEDIR}${PREFIX}/etc/pam.d/sudo.default
+	${MV} ${STAGEDIR}${PREFIX}/etc/sudo.conf ${STAGEDIR}${PREFIX}/etc/sudo.conf.sample
+	${MV} ${STAGEDIR}${PREFIX}/etc/sudo_logsrvd.conf ${STAGEDIR}${PREFIX}/etc/sudo_logsrvd.conf.sample
 	${RM} ${STAGEDIR}${PREFIX}/etc/sudoers
 	${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/cvtsudoers
 	${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/sudoreplay
+	${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/sudo_logsrvd
+	${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/sudo_sendlog
 	${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/visudo
-.for f in group_file.so libsudo_util.so sudoers.so system_group.so
+.for f in audit_json.so group_file.so libsudo_util.so sample_approval.so sudoers.so system_group.so
 	${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/sudo/${f}
 .endfor
+
+post-install-PYTHON-on:
+	${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/sudo/python_plugin.so
 
 .include <bsd.port.mk>
Index: head/security/sudo/distinfo
===================================================================
--- head/security/sudo/distinfo	(revision 539615)
+++ head/security/sudo/distinfo	(revision 539616)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1584533326
-SHA256 (sudo-1.8.31p1.tar.gz) = c73cfdfbc1c5cc259fcc3a355e1bacfed99c5580daeadec9704a24cd5e6d15d8
-SIZE (sudo-1.8.31p1.tar.gz) = 3351312
+TIMESTAMP = 1592528955
+SHA256 (sudo-1.9.1.tar.gz) = 294116cefe10a02773917fc7440d8384b925955bc96a6e0eaa1977c83b34adff
+SIZE (sudo-1.9.1.tar.gz) = 3834744
Index: head/security/sudo/pkg-plist
===================================================================
--- head/security/sudo/pkg-plist	(revision 539615)
+++ head/security/sudo/pkg-plist	(revision 539616)
@@ -1,111 +1,133 @@
 bin/cvtsudoers
 bin/sudo
 bin/sudoedit
 bin/sudoreplay
-@sample etc/sudoers.dist etc/sudoers
 @sample etc/pam.d/sudo.default etc/pam.d/sudo
+@sample etc/sudo.conf.sample
+@sample etc/sudo_logsrvd.conf.sample
+@sample etc/sudoers.dist etc/sudoers
 include/sudo_plugin.h
+libexec/sudo/audit_json.so
 libexec/sudo/group_file.so
 libexec/sudo/libsudo_util.so
 libexec/sudo/libsudo_util.so.0
 libexec/sudo/libsudo_util.so.0.0.0
+%%PYTHON%%libexec/sudo/python_plugin.so
+libexec/sudo/sample_approval.so
 libexec/sudo/sudo_noexec.so
 libexec/sudo/sudoers.so
 libexec/sudo/system_group.so
 man/man1/cvtsudoers.1.gz
 man/man5/sudo.conf.5.gz
+man/man5/sudo_logsrv.proto.5.gz
+man/man5/sudo_logsrvd.conf.5.gz
 man/man5/sudoers.5.gz
 man/man5/sudoers_timestamp.5.gz
 %%LDAP%%man/man5/sudoers.ldap.5.gz
 man/man8/sudo.8.gz
+man/man8/sudo_logsrvd.8.gz
 man/man8/sudo_plugin.8.gz
+man/man8/sudo_plugin_python.8.gz
+man/man8/sudo_sendlog.8.gz
 man/man8/sudoedit.8.gz
 man/man8/sudoreplay.8.gz
 man/man8/visudo.8.gz
 sbin/visudo
+sbin/sudo_logsrvd
+sbin/sudo_sendlog
 %%PORTDOCS%%%%DOCSDIR%%/CONTRIBUTORS
 %%PORTDOCS%%%%DOCSDIR%%/ChangeLog
 %%PORTDOCS%%%%DOCSDIR%%/HISTORY
 %%PORTDOCS%%%%DOCSDIR%%/LICENSE
 %%PORTDOCS%%%%DOCSDIR%%/NEWS
 %%PORTDOCS%%%%DOCSDIR%%/README
 %%PORTDOCS%%%%DOCSDIR%%/TROUBLESHOOTING
 %%PORTDOCS%%%%DOCSDIR%%/UPGRADE
 %%LDAP%%%%PORTDOCS%%%%DOCSDIR%%/README.LDAP
 %%LDAP%%%%PORTDOCS%%%%DOCSDIR%%/schema.ActiveDirectory
 %%LDAP%%%%PORTDOCS%%%%DOCSDIR%%/schema.OpenLDAP
 %%LDAP%%%%PORTDOCS%%%%DOCSDIR%%/schema.iPlanet
 %%LDAP%%%%PORTDOCS%%%%DOCSDIR%%/schema.olcSudo
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/pam.conf
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/sudo.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/sudo_logsrvd.conf
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/sudoers
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/syslog.conf
+%%PYTHON%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example_approval_plugin.py
+%%PYTHON%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example_audit_plugin.py
+%%PYTHON%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example_conversation.py
+%%PYTHON%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example_debugging.py
+%%PYTHON%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example_group_plugin.py
+%%PYTHON%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example_io_plugin.py
+%%PYTHON%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example_policy_plugin.py
 %%NLS%%share/locale/ast/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/ast/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/ca/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/ca/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/cs/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/cs/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/da/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/da/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/de/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/de/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/el/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/eo/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/eo/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/es/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/eu/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/eu/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/fi/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/fi/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/fr/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/fr/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/fur/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/fur/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/gl/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/hr/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/hr/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/hu/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/hu/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/it/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/it/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/ja/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/ja/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/ko/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/ko/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/lt/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/nb/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/nb/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/nl/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/nl/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/nn/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/pl/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/pl/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/pt/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/pt/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/pt_BR/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/pt_BR/LC_MESSAGES/sudoers.mo
+%%NLS%%share/locale/ro/LC_MESSAGES/sudo.mo
+%%NLS%%share/locale/ro/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/ru/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/ru/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/sk/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/sk/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/sl/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/sl/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/sr/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/sr/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/sv/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/sv/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/tr/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/tr/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/uk/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/uk/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/vi/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/vi/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/zh_CN/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/zh_CN/LC_MESSAGES/sudoers.mo
 %%NLS%%share/locale/zh_TW/LC_MESSAGES/sudo.mo
 %%NLS%%share/locale/zh_TW/LC_MESSAGES/sudoers.mo
 @dir etc/sudoers.d
 @dir /var/db/sudo/lectured
 @dir /var/db/sudo
 @dir /var/run/sudo