Use the correct PAM service name on FreeBSD

src/su/mod.rs

@@ -24,7 +24,12 @@ fn authenticate(
     user: &str,
     login: bool,
 ) -> Result<PamContext<CLIConverser>, Error> {
-    let context = if login { "su-l" } else { "su" };
+    // FIXME make it configurable by the packager
+    let context = if login && cfg!(target_os = "linux") {
+        "su-l"
+    } else {
+        "su"
+    };
     let use_stdin = true;
     let mut pam = PamContext::builder_cli("su", use_stdin, false)
         .target_user(user)

src/sudo/pam.rs

@@ -111,7 +111,12 @@ pub fn init_pam(
     auth_user: &str,
     requesting_user: &str,
 ) -> PamResult<PamContext<CLIConverser>> {
-    let service_name = if is_login_shell { "sudo-i" } else { "sudo" };
+    // FIXME make it configurable by the packager
+    let service_name = if is_login_shell && cfg!(target_os = "linux") {
+        "sudo-i"
+    } else {
+        "sudo"
+    };
     let mut pam = PamContext::builder_cli("sudo", use_stdin, non_interactive)
         .service_name(service_name)
         .build()?;

test-framework/sudo-compliance-tests/src/sudo/pam.rs

@@ -88,6 +88,7 @@ fn sudo_uses_correct_service_file() -> Result<()> {
 }
 
 #[test]
+#[cfg_attr(target_os = "freebsd", ignore = "FreeBSD doesn't use sudo-i PAM context")]
 fn sudo_dash_i_uses_correct_service_file() -> Result<()> {
     let env = Env("ALL ALL=(ALL:ALL) ALL")
         .file("/etc/pam.d/sudo-i", "auth sufficient pam_permit.so")