diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 14:22:51 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 14:22:51 +0000 |
commit | 9ada0093e92388590c7368600ca4e9e3e376f0d0 (patch) | |
tree | a56fe41110023676d7082028cbaa47ca4b6e6164 /doc/man/pam_acct_mgmt.3 | |
parent | Initial commit. (diff) | |
download | pam-upstream/1.5.2.tar.xz pam-upstream/1.5.2.zip |
Adding upstream version 1.5.2.upstream/1.5.2upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | doc/man/pam_acct_mgmt.3 | 100 | ||||
-rw-r--r-- | doc/man/pam_acct_mgmt.3.xml | 145 |
2 files changed, 245 insertions, 0 deletions
diff --git a/doc/man/pam_acct_mgmt.3 b/doc/man/pam_acct_mgmt.3 new file mode 100644 index 0000000..1d95505 --- /dev/null +++ b/doc/man/pam_acct_mgmt.3 @@ -0,0 +1,100 @@ +'\" t +.\" Title: pam_acct_mgmt +.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 09/03/2021 +.\" Manual: Linux-PAM Manual +.\" Source: Linux-PAM Manual +.\" Language: English +.\" +.TH "PAM_ACCT_MGMT" "3" "09/03/2021" "Linux-PAM Manual" "Linux-PAM Manual" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +pam_acct_mgmt \- PAM account validation management +.SH "SYNOPSIS" +.sp +.ft B +.nf +#include <security/pam_appl\&.h> +.fi +.ft +.HP \w'int\ pam_acct_mgmt('u +.BI "int pam_acct_mgmt(pam_handle_t\ *" "pamh" ", int\ " "flags" ");" +.SH "DESCRIPTION" +.PP +The +\fBpam_acct_mgmt\fR +function is used to determine if the user\*(Aqs account is valid\&. It checks for authentication token and account expiration and verifies access restrictions\&. It is typically called after the user has been authenticated\&. +.PP +The +\fIpamh\fR +argument is an authentication handle obtained by a prior call to pam_start()\&. The flags argument is the binary or of zero or more of the following values: +.PP +PAM_SILENT +.RS 4 +Do not emit any messages\&. +.RE +.PP +PAM_DISALLOW_NULL_AUTHTOK +.RS 4 +The PAM module service should return PAM_NEW_AUTHTOK_REQD if the user has a null authentication token\&. +.RE +.SH "RETURN VALUES" +.PP +PAM_ACCT_EXPIRED +.RS 4 +User account has expired\&. +.RE +.PP +PAM_AUTH_ERR +.RS 4 +Authentication failure\&. +.RE +.PP +PAM_NEW_AUTHTOK_REQD +.RS 4 +The user account is valid but their authentication token is +\fIexpired\fR\&. The correct response to this return\-value is to require that the user satisfies the +\fBpam_chauthtok()\fR +function before obtaining service\&. It may not be possible for some applications to do this\&. In such cases, the user should be denied access until such time as they can update their password\&. +.RE +.PP +PAM_PERM_DENIED +.RS 4 +Permission denied\&. +.RE +.PP +PAM_SUCCESS +.RS 4 +The authentication token was successfully updated\&. +.RE +.PP +PAM_USER_UNKNOWN +.RS 4 +User unknown to password service\&. +.RE +.SH "SEE ALSO" +.PP +\fBpam_start\fR(3), +\fBpam_authenticate\fR(3), +\fBpam_chauthtok\fR(3), +\fBpam_strerror\fR(3), +\fBpam\fR(8) diff --git a/doc/man/pam_acct_mgmt.3.xml b/doc/man/pam_acct_mgmt.3.xml new file mode 100644 index 0000000..59760d7 --- /dev/null +++ b/doc/man/pam_acct_mgmt.3.xml @@ -0,0 +1,145 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN" + "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd"> +<refentry id='pam_acct_mgmt'> + <refmeta> + <refentrytitle>pam_acct_mgmt</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo> + </refmeta> + + <refnamediv id="pam_acct_mgmt-name"> + <refname>pam_acct_mgmt</refname> + <refpurpose>PAM account validation management</refpurpose> + </refnamediv> + +<!-- body begins here --> + + <refsynopsisdiv> + <funcsynopsis id='pam_acct_mgmt-synopsis'> + <funcsynopsisinfo>#include <security/pam_appl.h></funcsynopsisinfo> + <funcprototype> + <funcdef>int <function>pam_acct_mgmt</function></funcdef> + <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef> + <paramdef>int <parameter>flags</parameter></paramdef> + </funcprototype> + </funcsynopsis> + </refsynopsisdiv> + + + <refsect1 id='pam_acct_mgmt-description'> + <title>DESCRIPTION</title> + <para> + The <function>pam_acct_mgmt</function> function is used to determine + if the user's account is valid. It checks for authentication token + and account expiration and verifies access restrictions. It is + typically called after the user has been authenticated. + </para> + <para> + The <emphasis>pamh</emphasis> argument is an authentication + handle obtained by a prior call to pam_start(). + The flags argument is the binary or of zero or more of the + following values: + </para> + <variablelist> + <varlistentry> + <term>PAM_SILENT</term> + <listitem> + <para> + Do not emit any messages. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>PAM_DISALLOW_NULL_AUTHTOK</term> + <listitem> + <para> + The PAM module service should return PAM_NEW_AUTHTOK_REQD + if the user has a null authentication token. + </para> + </listitem> + </varlistentry> + </variablelist> + </refsect1> + + <refsect1 id="pam_acct_mgmt-return_values"> + <title>RETURN VALUES</title> + <variablelist> + <varlistentry> + <term>PAM_ACCT_EXPIRED</term> + <listitem> + <para> + User account has expired. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>PAM_AUTH_ERR</term> + <listitem> + <para> + Authentication failure. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>PAM_NEW_AUTHTOK_REQD</term> + <listitem> + <para> + The user account is valid but their authentication token + is <emphasis>expired</emphasis>. The correct response to + this return-value is to require that the user satisfies + the <function>pam_chauthtok()</function> function before + obtaining service. It may not be possible for some + applications to do this. In such cases, the user should be + denied access until such time as they can update their password. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>PAM_PERM_DENIED</term> + <listitem> + <para> + Permission denied. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>PAM_SUCCESS</term> + <listitem> + <para> + The authentication token was successfully updated. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>PAM_USER_UNKNOWN</term> + <listitem> + <para> + User unknown to password service. + </para> + </listitem> + </varlistentry> + </variablelist> + </refsect1> + + <refsect1 id='pam_acct_mgmt-see_also'> + <title>SEE ALSO</title> + <para> + <citerefentry> + <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>pam_authenticate</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>pam_chauthtok</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum> + </citerefentry> + </para> + </refsect1> +</refentry> |