2 * Copyright (c) 1996 by
3 * Sean Eric Fagan <sef@kithrup.com>
4 * David Nugent <davidn@blaze.net.au>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, is permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice immediately at the beginning of the file, without modification,
12 * this list of conditions, and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. This work was done expressly for inclusion into FreeBSD. Other use
17 * is permitted provided this notation is included.
18 * 4. Absolutely no warranty of function or purpose is made by the authors.
19 * 5. Modifications may be freely made to this file providing the above
22 * Low-level routines relating to the user capabilities database
24 * Was login_cap.h,v 1.9 1997/05/07 20:00:01 eivind Exp
25 * $FreeBSD: src/lib/libutil/login_cap.h,v 1.3.2.1 2000/09/20 11:19:54 green Exp $
26 * $DragonFly: src/lib/libutil/login_cap.h,v 1.2 2003/06/17 04:26:52 dillon Exp $
32 #define LOGIN_DEFCLASS "default"
33 #define LOGIN_DEFROOTCLASS "root"
34 #define LOGIN_MECLASS "me"
35 #define LOGIN_DEFSTYLE "passwd"
36 #define LOGIN_DEFSERVICE "login"
37 #define LOGIN_DEFUMASK 022
38 #define LOGIN_DEFPRI 0
39 #define _PATH_LOGIN_CONF "/etc/login.conf"
40 #define _FILE_LOGIN_CONF ".login_conf"
41 #define _PATH_AUTHPROG "/usr/libexec/login_"
43 #define LOGIN_SETGROUP 0x0001 /* set group */
44 #define LOGIN_SETLOGIN 0x0002 /* set login (via setlogin) */
45 #define LOGIN_SETPATH 0x0004 /* set path */
46 #define LOGIN_SETPRIORITY 0x0008 /* set priority */
47 #define LOGIN_SETRESOURCES 0x0010 /* set resources (cputime, etc.) */
48 #define LOGIN_SETUMASK 0x0020 /* set umask, obviously */
49 #define LOGIN_SETUSER 0x0040 /* set user (via setuid) */
50 #define LOGIN_SETENV 0x0080 /* set user environment */
51 #define LOGIN_SETALL 0x00ff /* set everything */
53 #define BI_AUTH "authorize" /* accepted authentication */
54 #define BI_REJECT "reject" /* rejected authentication */
55 #define BI_CHALLENG "reject challenge" /* reject with a challenge */
56 #define BI_SILENT "reject silent" /* reject silently */
57 #define BI_REMOVE "remove" /* remove file on error */
58 #define BI_ROOTOKAY "authorize root" /* root authenticated */
59 #define BI_SECURE "authorize secure" /* okay on non-secure line */
60 #define BI_SETENV "setenv" /* set environment variable */
61 #define BI_VALUE "value" /* set local variable */
63 #define AUTH_OKAY 0x01 /* user authenticated */
64 #define AUTH_ROOTOKAY 0x02 /* root login okay */
65 #define AUTH_SECURE 0x04 /* secure login */
66 #define AUTH_SILENT 0x08 /* silent rejection */
67 #define AUTH_CHALLENGE 0x10 /* a chellenge was given */
69 #define AUTH_ALLOW (AUTH_OKAY | AUTH_ROOTOKAY | AUTH_SECURE)
71 typedef struct login_cap {
77 typedef struct login_time {
78 u_short lt_start; /* Start time */
79 u_short lt_end; /* End time */
91 u_char lt_dow; /* Days of week */
94 #define LC_MAXTIMES 64
96 #include <sys/cdefs.h>
100 void login_close __P((login_cap_t *));
101 login_cap_t *login_getclassbyname __P((const char *, const struct passwd *));
102 login_cap_t *login_getclass __P((const char *));
103 login_cap_t *login_getpwclass __P((const struct passwd *));
104 login_cap_t *login_getuserclass __P((const struct passwd *));
106 char *login_getcapstr __P((login_cap_t*, const char *, char *, char *));
107 char **login_getcaplist __P((login_cap_t *, const char *, const char *));
108 char *login_getstyle __P((login_cap_t *, char *, const char *));
109 rlim_t login_getcaptime __P((login_cap_t *, const char *, rlim_t, rlim_t));
110 rlim_t login_getcapnum __P((login_cap_t *, const char *, rlim_t, rlim_t));
111 rlim_t login_getcapsize __P((login_cap_t *, const char *, rlim_t, rlim_t));
112 char *login_getpath __P((login_cap_t *, const char *, char *));
113 int login_getcapbool __P((login_cap_t *, const char *, int));
114 const char *login_setcryptfmt __P((login_cap_t *, const char *, const char *));
116 int setclasscontext __P((const char*, unsigned int));
117 int setusercontext __P((login_cap_t*, const struct passwd*, uid_t, unsigned int));
118 void setclassresources __P((login_cap_t *));
119 void setclassenvironment __P((login_cap_t *, const struct passwd *, int));
121 /* Most of these functions are deprecated */
122 int auth_approve __P((login_cap_t*, const char*, const char*));
123 int auth_check __P((const char *, const char *, const char *, const char *, int *));
124 void auth_env __P((void));
125 char *auth_mkvalue __P((const char *n));
126 int auth_response __P((const char *, const char *, const char *, const char *, int *, const char *, const char *));
127 void auth_rmfiles __P((void));
128 int auth_scan __P((int));
129 int auth_script __P((const char*, ...));
130 int auth_script_data __P((const char *, int, const char *, ...));
131 char *auth_valud __P((const char *));
132 int auth_setopt __P((const char *, const char *));
133 void auth_clropts __P((void));
135 void auth_checknologin __P((login_cap_t*));
136 int auth_cat __P((const char*));
138 int auth_ttyok __P((login_cap_t*, const char *));
139 int auth_hostok __P((login_cap_t*, const char *, char const *));
140 int auth_timeok __P((login_cap_t*, time_t));
144 login_time_t parse_lt __P((const char *));
145 int in_ltm __P((const login_time_t *, struct tm *, time_t *));
146 int in_ltms __P((const login_time_t *, struct tm *, time_t *));
148 /* helper functions */
150 int login_strinlist __P((char **, char const *, int));
151 int login_str2inlist __P((char **, const char *, const char *, int));
152 login_time_t * login_timelist __P((login_cap_t *, char const *, int *, login_time_t **));
153 int login_ttyok __P((login_cap_t *, const char *, const char *, const char *));
154 int login_hostok __P((login_cap_t *, const char *, const char *, const char *, const char *));
158 #endif /* _LOGIN_CAP_H_ */