As `user_a`, with both `user_a` and `user_b` being normal, unprivileged users:
compile `pamcheck.c`:
```
#include <sys/types.h>
#include <security/pam_appl.h>
#include <security/openpam.h>
#include <stdio.h>
int main(int argc, char **argv)
{
if (argc != 2)
{
fputs("usage: pamcheck user\n", stderr);
return 1;
}
pam_handle_t *pamh = 0;
struct pam_conv conv = { openpam_ttyconv, 0 };
int rc = pam_start("system", argv[1], &conv, &pamh);
if (rc != PAM_SUCCESS)
{
fprintf(stderr, "%s\n", pam_strerror(pamh, rc));
return 1;
}
rc = pam_authenticate(pamh, PAM_DISALLOW_NULL_AUTHTOK);
const char *result = pam_strerror(pamh, rc);
pam_end(pamh, rc);
fprintf(stderr, "pam_authenticate: %s\n", result);
return 0;
}
```
run `./pamcheck user_a`, type `user_a`'s password -> should indicate success.
run `./pamcheck user_a`, type a random password -> should indicate failure.
run `./pamcheck user_b`, type `user_b`'s password -> should indicate failure.