Mercurial > crates > nonstick
annotate src/lib.rs @ 173:46e8ce5cd5d1
Miscellaneous doc and code cleanups.
| author | Paul Fisher <paul@pfish.zone> |
|---|---|
| date | Tue, 29 Jul 2025 16:52:32 -0400 |
| parents | e27c5c667a5a |
| children | 9e4ce1631bd3 |
| rev | line source |
|---|---|
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
1 //! A safe, nonstick interface to PAM. |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
2 //! |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
3 //! This implements a type-safe library to interact with PAM. |
|
62
d83623951070
Further improve docs and put `conv` behind a feature gate.
Paul Fisher <paul@pfish.zone>
parents:
60
diff
changeset
|
4 //! Currently, it implements a subset of PAM useful for implementing a module. |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
5 //! |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
6 //! To write a new PAM module using this crate: |
|
15
27730595f1ea
Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff
changeset
|
7 //! |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
8 //! 1. Create a `dylib` crate. |
|
62
d83623951070
Further improve docs and put `conv` behind a feature gate.
Paul Fisher <paul@pfish.zone>
parents:
60
diff
changeset
|
9 //! 2. Implement a subset of the functions in the [`PamModule`] trait |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
10 //! corresponding to what you want your module to do. |
|
62
d83623951070
Further improve docs and put `conv` behind a feature gate.
Paul Fisher <paul@pfish.zone>
parents:
60
diff
changeset
|
11 //! In the simplest case (for a new password-based authenticator), |
|
64
bbe84835d6db
More organization; add lots of docs.
Paul Fisher <paul@pfish.zone>
parents:
63
diff
changeset
|
12 //! this will be the [`PamModule::authenticate`] function. |
|
173
46e8ce5cd5d1
Miscellaneous doc and code cleanups.
Paul Fisher <paul@pfish.zone>
parents:
171
diff
changeset
|
13 //! 3. Export your PAM module using the [`pam_export!`] macro. |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
14 //! 4. Build and install the dynamic library. |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
15 //! This usually entails placing it at |
|
62
d83623951070
Further improve docs and put `conv` behind a feature gate.
Paul Fisher <paul@pfish.zone>
parents:
60
diff
changeset
|
16 //! <code>/usr/lib/security/pam_<var>your_module</var>.so</code>, |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
17 //! or maybe |
|
62
d83623951070
Further improve docs and put `conv` behind a feature gate.
Paul Fisher <paul@pfish.zone>
parents:
60
diff
changeset
|
18 //! <code>/usr/lib/<var>your-architecture</var>/security/pam_<var>your_module</var>.so</code>. |
|
15
27730595f1ea
Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff
changeset
|
19 //! |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
20 //! For general information on writing PAM modules, see |
|
15
27730595f1ea
Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff
changeset
|
21 //! [The Linux-PAM Module Writers' Guide][module-guide] |
|
27730595f1ea
Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff
changeset
|
22 //! |
|
45
ce47901aab7a
Rename to “nonstick”, move to root, update docs and license.
Paul Fisher <paul@pfish.zone>
parents:
34
diff
changeset
|
23 //! [module-guide]: https://www.chiark.greenend.org.uk/doc/libpam-doc/html/Linux-PAM_MWG.html |
|
15
27730595f1ea
Adding pam-http module
Anthony Nowell <anthony@algorithmia.com>
parents:
diff
changeset
|
24 |
|
171
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
25 #[cfg(feature = "link")] |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
26 mod _compat_checker { |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
27 macro_rules! feature_check { |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
28 ($feature:literal, pam_impl = ($($pimpl:literal),*)) => { |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
29 #[cfg(all(feature = $feature, not(any($(pam_impl = $pimpl),*))))] |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
30 compile_error!( |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
31 concat!( |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
32 "The feature '", $feature, "' is only available ", |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
33 "with these PAM implementations:\n", |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
34 $("- ", $pimpl, "\n"),*, |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
35 "The current PAM implementation is:\n\n", |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
36 " ", libpam_sys::pam_impl_name!(), "\n\n", |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
37 "Set the 'LIBPAMSYS_IMPL' environment variable to one of ", |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
38 "the above PAM implementation names to build ", |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
39 "for that implementation of PAM." |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
40 ) |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
41 ); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
42 } |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
43 } |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
44 feature_check!("linux-pam-ext", pam_impl = ("LinuxPam")); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
45 feature_check!("basic-ext", pam_impl = ("LinuxPam", "OpenPam")); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
46 feature_check!("openpam-ext", pam_impl = ("OpenPam")); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
47 feature_check!("sun-ext", pam_impl = ("Sun")); |
|
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
48 } |
| 72 | 49 |
| 34 | 50 pub mod constants; |
|
74
c7c596e6388f
Make conversations type-safe (last big reorg) (REAL) (NOT CLICKBAIT)
Paul Fisher <paul@pfish.zone>
parents:
73
diff
changeset
|
51 pub mod conv; |
|
70
9f8381a1c09c
Implement low-level conversation primitives.
Paul Fisher <paul@pfish.zone>
parents:
69
diff
changeset
|
52 pub mod module; |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
53 |
|
73
ac6881304c78
Do conversations, along with way too much stuff.
Paul Fisher <paul@pfish.zone>
parents:
72
diff
changeset
|
54 pub mod handle; |
|
74
c7c596e6388f
Make conversations type-safe (last big reorg) (REAL) (NOT CLICKBAIT)
Paul Fisher <paul@pfish.zone>
parents:
73
diff
changeset
|
55 |
|
106
49d9e2b5c189
An irresponsible mix of implementing libpam-sys and other stuff.
Paul Fisher <paul@pfish.zone>
parents:
103
diff
changeset
|
56 mod _doc; |
|
98
b87100c5eed4
Start on environment variables, and make pointers nicer.
Paul Fisher <paul@pfish.zone>
parents:
96
diff
changeset
|
57 mod environ; |
|
146
1bc52025156b
Split PAM items into their own separate struct.
Paul Fisher <paul@pfish.zone>
parents:
144
diff
changeset
|
58 pub mod items; |
|
74
c7c596e6388f
Make conversations type-safe (last big reorg) (REAL) (NOT CLICKBAIT)
Paul Fisher <paul@pfish.zone>
parents:
73
diff
changeset
|
59 #[cfg(feature = "link")] |
|
146
1bc52025156b
Split PAM items into their own separate struct.
Paul Fisher <paul@pfish.zone>
parents:
144
diff
changeset
|
60 pub mod libpam; |
|
92
5ddbcada30f2
Add the ability to log against a PAM handle.
Paul Fisher <paul@pfish.zone>
parents:
75
diff
changeset
|
61 pub mod logging; |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
62 |
|
74
c7c596e6388f
Make conversations type-safe (last big reorg) (REAL) (NOT CLICKBAIT)
Paul Fisher <paul@pfish.zone>
parents:
73
diff
changeset
|
63 #[cfg(feature = "link")] |
|
98
b87100c5eed4
Start on environment variables, and make pointers nicer.
Paul Fisher <paul@pfish.zone>
parents:
96
diff
changeset
|
64 #[doc(inline)] |
|
171
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
65 pub use crate::libpam::{LibPamHandle, LibPamTransaction, TransactionBuilder}; |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
66 #[doc(inline)] |
|
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
67 pub use crate::{ |
|
166
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
146
diff
changeset
|
68 constants::{ |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
146
diff
changeset
|
69 AuthnFlags, AuthtokAction, AuthtokFlags, BaseFlags, CredAction, ErrorCode, Result, |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
146
diff
changeset
|
70 }, |
|
96
f3e260f9ddcb
Make conversation trait use immutable references.
Paul Fisher <paul@pfish.zone>
parents:
92
diff
changeset
|
71 conv::{BinaryData, Conversation, ConversationAdapter}, |
|
100
3f11b8d30f63
Implement environment variable management.
Paul Fisher <paul@pfish.zone>
parents:
98
diff
changeset
|
72 environ::{EnvironMap, EnvironMapMut}, |
|
146
1bc52025156b
Split PAM items into their own separate struct.
Paul Fisher <paul@pfish.zone>
parents:
144
diff
changeset
|
73 handle::{ModuleClient, PamShared, Transaction}, |
|
64
bbe84835d6db
More organization; add lots of docs.
Paul Fisher <paul@pfish.zone>
parents:
63
diff
changeset
|
74 module::PamModule, |
|
60
05cc2c27334f
The Big Refactor: clean up docs and exports.
Paul Fisher <paul@pfish.zone>
parents:
57
diff
changeset
|
75 }; |