+#define PAM_SERVICE "sudo"
+
+#define __UNUSED __attribute__ ((unused))
+
+static int
+pam_conv(__UNUSED int huh, __UNUSED const struct pam_message **msg,
+ __UNUSED struct pam_response **rsp, __UNUSED void *ptr)
+{
+ return 0;
+}
+
+static struct pam_conv conv = {
+ .conv = pam_conv,
+ .appdata_ptr = NULL,
+};
+
+static int
+check_pam(const char *user)
+{
+ fprintf(stderr, "check_pam(%s)\n", user);
+
+ int ret;
+ pam_handle_t *pamh = NULL;
+
+ ret = pam_start(PAM_SERVICE, user, &conv, &pamh);
+ if (ret != 0) {
+ fprintf(stderr, "pam_start(\"%s\", \"%s\", ?, ?): failed\n",
+ PAM_SERVICE, user);
+ return -1;
+ }
+
+ if ((ret = pam_close_session(pamh, 0)) != 0) {
+ fprintf(stderr, "pam_close_session(): %s\n", pam_strerror(pamh, ret));
+ return -1;
+ }
+
+ return 0;
+}
+