Mercurial > crates > nonstick

diff build.rs @ 92:5ddbcada30f2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add the ability to log against a PAM handle. PAM impls provide a way to log to syslog. This exposes it via nonstick.
author Paul Fisher <paul@pfish.zone>
date Sun, 22 Jun 2025 19:29:32 -0400
parents f6186e41399b
children efe2f5f8b5b2
line wrap: on
line diff
--- a/build.rs	Wed Jun 18 16:30:41 2025 -0400
+++ b/build.rs	Sun Jun 22 19:29:32 2025 -0400
@@ -23,12 +23,13 @@
         let linux_builder = common_builder
             .clone()
             // This function is not available in OpenPAM.
-            // We don't use it, but we include it so that if the user
-            // tries to run this against the wrong PAM library, it fails.
-            .allowlist_function("pam_start_confdir")
+            // That means if somebody tries to run a binary compiled for
+            // Linux-PAM against a different impl, it will fail.
+            .allowlist_function("pam_syslog")
             .header_contents(
                 "linux-pam.h",
                 r#"
+                #include <syslog.h> // for log levels
                 #include <security/_pam_types.h>
                 #include <security/pam_appl.h>
                 #include <security/pam_ext.h>
@@ -38,9 +39,9 @@
         let openpam_builder = common_builder
             .clone()
             // This function is not available in Linux-PAM.
-            // We don't use it, but we include it so that if the user
-            // tries to run this against the wrong PAM library, it fails.
-            .allowlist_function("pam_setenv")
+            // That means if somebody tries to run a binary compiled for
+            // OpenPAM against a different impl, it will fail.
+            .allowlist_function("openpam_log")
             .header_contents(
                 "openpam.h",
                 r#"