mirror of
https://github.com/linux-pam/linux-pam.git
synced 2024-11-28 04:03:40 +08:00
5264bc8c9a
Patch by Louis Sautier * doc/adg/Linux-PAM_ADG.xml: Fix gramatical errors. * doc/man/pam.3.xml: Likewise. * doc/man/pam_acct_mgmt.3.xml: Likewise. * doc/man/pam_chauthtok.3.xml: Likewise. * doc/man/pam_sm_chauthtok.3.xml: Likewise. * modules/pam_limits/limits.conf.5.xml: Likewise. * modules/pam_mail/pam_mail.8.xml: Likewise. * modules/pam_rhosts/pam_rhosts.c: Likewise. * modules/pam_shells/pam_shells.8.xml: Likewise. * modules/pam_tally/pam_tally.8.xml: Likewise. * modules/pam_tally2/pam_tally2.8.xml: Likewise. * modules/pam_unix/pam_unix.8.xml: Likewise.
146 lines
4.5 KiB
XML
146 lines
4.5 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
|
|
"http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
|
|
<refentry id='pam_acct_mgmt'>
|
|
<refmeta>
|
|
<refentrytitle>pam_acct_mgmt</refentrytitle>
|
|
<manvolnum>3</manvolnum>
|
|
<refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
|
|
</refmeta>
|
|
|
|
<refnamediv id="pam_acct_mgmt-name">
|
|
<refname>pam_acct_mgmt</refname>
|
|
<refpurpose>PAM account validation management</refpurpose>
|
|
</refnamediv>
|
|
|
|
<!-- body begins here -->
|
|
|
|
<refsynopsisdiv>
|
|
<funcsynopsis id='pam_acct_mgmt-synopsis'>
|
|
<funcsynopsisinfo>#include <security/pam_appl.h></funcsynopsisinfo>
|
|
<funcprototype>
|
|
<funcdef>int <function>pam_acct_mgmt</function></funcdef>
|
|
<paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
|
|
<paramdef>int <parameter>flags</parameter></paramdef>
|
|
</funcprototype>
|
|
</funcsynopsis>
|
|
</refsynopsisdiv>
|
|
|
|
|
|
<refsect1 id='pam_acct_mgmt-description'>
|
|
<title>DESCRIPTION</title>
|
|
<para>
|
|
The <function>pam_acct_mgmt</function> function is used to determine
|
|
if the user's account is valid. It checks for authentication token
|
|
and account expiration and verifies access restrictions. It is
|
|
typically called after the user has been authenticated.
|
|
</para>
|
|
<para>
|
|
The <emphasis>pamh</emphasis> argument is an authentication
|
|
handle obtained by a prior call to pam_start().
|
|
The flags argument is the binary or of zero or more of the
|
|
following values:
|
|
</para>
|
|
<variablelist>
|
|
<varlistentry>
|
|
<term>PAM_SILENT</term>
|
|
<listitem>
|
|
<para>
|
|
Do not emit any messages.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term>PAM_DISALLOW_NULL_AUTHTOK</term>
|
|
<listitem>
|
|
<para>
|
|
The PAM module service should return PAM_NEW_AUTHTOK_REQD
|
|
if the user has a null authentication token.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</refsect1>
|
|
|
|
<refsect1 id="pam_acct_mgmt-return_values">
|
|
<title>RETURN VALUES</title>
|
|
<variablelist>
|
|
<varlistentry>
|
|
<term>PAM_ACCT_EXPIRED</term>
|
|
<listitem>
|
|
<para>
|
|
User account has expired.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term>PAM_AUTH_ERR</term>
|
|
<listitem>
|
|
<para>
|
|
Authentication failure.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term>PAM_NEW_AUTHTOK_REQD</term>
|
|
<listitem>
|
|
<para>
|
|
The user account is valid but their authentication token
|
|
is <emphasis>expired</emphasis>. The correct response to
|
|
this return-value is to require that the user satisfies
|
|
the <function>pam_chauthtok()</function> function before
|
|
obtaining service. It may not be possible for some
|
|
applications to do this. In such cases, the user should be
|
|
denied access until such time as they can update their password.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term>PAM_PERM_DENIED</term>
|
|
<listitem>
|
|
<para>
|
|
Permission denied.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term>PAM_SUCCESS</term>
|
|
<listitem>
|
|
<para>
|
|
The authentication token was successfully updated.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term>PAM_USER_UNKNOWN</term>
|
|
<listitem>
|
|
<para>
|
|
User unknown to password service.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</refsect1>
|
|
|
|
<refsect1 id='pam_acct_mgmt-see_also'>
|
|
<title>SEE ALSO</title>
|
|
<para>
|
|
<citerefentry>
|
|
<refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
|
|
</citerefentry>,
|
|
<citerefentry>
|
|
<refentrytitle>pam_authenticate</refentrytitle><manvolnum>3</manvolnum>
|
|
</citerefentry>,
|
|
<citerefentry>
|
|
<refentrytitle>pam_chauthtok</refentrytitle><manvolnum>3</manvolnum>
|
|
</citerefentry>,
|
|
<citerefentry>
|
|
<refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
|
|
</citerefentry>,
|
|
<citerefentry>
|
|
<refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
|
|
</citerefentry>
|
|
</para>
|
|
</refsect1>
|
|
</refentry>
|