crates/nonstick: build.rs comparison

Add the ability to log against a PAM handle. PAM impls provide a way to log to syslog. This exposes it via nonstick.

comparison

equal deleted inserted replaced

-:039aae9a01f7
+:5ddbcada30f2
 .default_macro_constant_type(MacroTypeVariation::Unsigned);
 let linux_builder = common_builder
 .clone()
 // This function is not available in OpenPAM.
-// We don't use it, but we include it so that if the user
+// That means if somebody tries to run a binary compiled for
-// tries to run this against the wrong PAM library, it fails.
+// Linux-PAM against a different impl, it will fail.
-.allowlist_function("pam_start_confdir")
+.allowlist_function("pam_syslog")
 .header_contents(
 "linux-pam.h",
 r#"
+#include <syslog.h> // for log levels
 #include <security/_pam_types.h>
 #include <security/pam_appl.h>
 #include <security/pam_ext.h>
 #include <security/pam_modules.h>
 "#,
 );
 let openpam_builder = common_builder
 .clone()
 // This function is not available in Linux-PAM.
-// We don't use it, but we include it so that if the user
+// That means if somebody tries to run a binary compiled for
-// tries to run this against the wrong PAM library, it fails.
+// OpenPAM against a different impl, it will fail.
-.allowlist_function("pam_setenv")
+.allowlist_function("openpam_log")
 .header_contents(
 "openpam.h",
 r#"
 #include <security/pam_types.h>
 #include <security/openpam.h>

Mercurial > crates > nonstick