c24bd26ba1
Implements a C-ABI PAM shared library that registers a pam_set_data cleanup callback to detect auth failures and spawn/kill ahfail-display via a double-fork, without ever touching credentials.
22 lines
580 B
Rust
22 lines
580 B
Rust
use ahfail_pam::{is_failure, is_success, is_replace, PAM_AUTH_ERR, PAM_SUCCESS, PAM_DATA_REPLACE};
|
|
|
|
#[test]
|
|
fn status_classification() {
|
|
assert!(is_failure(PAM_AUTH_ERR));
|
|
assert!(is_success(PAM_SUCCESS));
|
|
assert!(!is_failure(PAM_SUCCESS));
|
|
assert!(!is_success(PAM_AUTH_ERR));
|
|
}
|
|
|
|
#[test]
|
|
fn replace_flag_detected() {
|
|
let replace_status = PAM_AUTH_ERR | PAM_DATA_REPLACE;
|
|
assert!(is_replace(replace_status));
|
|
assert!(!is_replace(PAM_SUCCESS));
|
|
}
|
|
|
|
#[test]
|
|
fn display_path_default_is_set() {
|
|
assert!(!ahfail_pam::default_display_path().is_empty());
|
|
}
|