1 /* pam_nologin module */
4 * $Id: pam_nologin.c,v 1.2 2000/12/04 19:02:34 baggins Exp $
5 * $FreeBSD: src/contrib/libpam/modules/pam_nologin/pam_nologin.c,v 1.3.2.2 2001/06/11 15:28:22 markm Exp $
6 * $DragonFly: src/contrib/libpam/modules/pam_nologin/Attic/pam_nologin.c,v 1.2 2003/06/17 04:24:03 dillon Exp $
8 * Written by Michael K. Johnson <johnsonm@redhat.com> 1996/10/24
16 #include <sys/types.h>
20 #include <security/_pam_macros.h>
22 * here, we make a definition for the externally accessible function
23 * in this file (this definition is required for static a module
24 * but strongly encouraged generally) it is used to instruct the
25 * modules include file to define the function prototypes.
30 #include <security/pam_modules.h>
32 /* --- authentication management functions (only) --- */
35 int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
38 int retval = PAM_SUCCESS;
42 struct passwd *user_pwd;
43 struct pam_conv *conversation;
44 struct pam_message message;
45 struct pam_message *pmessage = &message;
46 struct pam_response *resp = NULL;
49 if ((fd = open("/etc/nologin", O_RDONLY, 0)) >= 0) {
50 /* root can still log in; lusers cannot */
51 if ((pam_get_user(pamh, &username, NULL) != PAM_SUCCESS)
53 return PAM_SERVICE_ERR;
55 user_pwd = getpwnam(username);
56 if (user_pwd && user_pwd->pw_uid == 0) {
57 message.msg_style = PAM_TEXT_INFO;
60 retval = PAM_USER_UNKNOWN;
62 retval = PAM_AUTH_ERR;
64 message.msg_style = PAM_ERROR_MSG;
67 /* fill in message buffer with contents of /etc/nologin */
68 if (fstat(fd, &st) < 0) /* give up trying to display message */
70 message.msg = mtmp = malloc(st.st_size+1);
71 /* if malloc failed... */
72 if (!message.msg) return retval;
73 read(fd, mtmp, st.st_size);
74 mtmp[st.st_size] = '\000';
76 /* Use conversation function to give user contents of /etc/nologin */
77 pam_get_item(pamh, PAM_CONV, (const void **)&conversation);
78 conversation->conv(1, (const struct pam_message **)&pmessage,
79 &resp, conversation->appdata_ptr);
82 _pam_drop_reply(resp, 1);
89 int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,
96 /* end of module definition */
98 PAM_MODULE_ENTRY("pam_nologin");