[pbs-devel] [PATCH proxmox] auth-api: log `authenticate` result not the return value of `start`

Shannon Sterz s.sterz at proxmox.com
Tue Aug 5 17:48:20 CEST 2025


log the actual result of the `authenticate` call in order to make
debugging authentication issues easier. previously we logged the
result of the above `pam_sys::wrapped::start` call, which was
typically `SUCCESS` leading to the very confusing error message:

authentication error - SUCCESS (0)

when in reality the authentication failed.

note that pam uses the SUCCESS return code differently depending on
the function that is called. `pam_start` uses it to communicate that a
transaction was successfully started. `pam_authenticate` uses it to
communicate that a user was successfully logged in.

Signed-off-by: Shannon Sterz <s.sterz at proxmox.com>
---
 proxmox-auth-api/src/pam_authenticator.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/proxmox-auth-api/src/pam_authenticator.rs b/proxmox-auth-api/src/pam_authenticator.rs
index d34575be..ed8708da 100644
--- a/proxmox-auth-api/src/pam_authenticator.rs
+++ b/proxmox-auth-api/src/pam_authenticator.rs
@@ -64,7 +64,7 @@ impl crate::api::Authenticator for Pam {
             handle.result =
                 pam_sys::wrapped::authenticate(handle.handle, pam_sys::types::PamFlag::NONE);
             if handle.result != PamReturnCode::SUCCESS {
-                bail!("authentication error - {err}");
+                bail!("authentication error - {}", handle.result);
             }
 
             Ok(())
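Review bot: The `bail!` on the `+` line now puts the specific `pam_authenticate` return code into the error text, so it is worth confirming that this string only reaches the server log and that the response to the client stays generic. PAM codes that distinguish an unknown user from a failed credential check would otherwise let a caller tell the two cases apart. Separately, since the commit message says the old `{err}` value came from the earlier `pam_sys::wrapped::start` call, check whether that `err` binding is still used after this change and drop it if it is not.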
-- 
2.47.2




