/*-
 * Copyright (c) 1996 by
 * Sean Eric Fagan <sef@kithrup.com>
 * David Nugent <davidn@blaze.net.au>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, is permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice immediately at the beginning of the file, without modification,
 *    this list of conditions, and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. This work was done expressly for inclusion into FreeBSD.  Other use
 *    is permitted provided this notation is included.
 * 4. Absolutely no warranty of function or purpose is made by the authors.
 * 5. Modifications may be freely made to this file providing the above
 *    conditions are met.
 *
 * Low-level routines relating to the user capabilities database
 *
 *	Was login_cap.h,v 1.9 1997/05/07 20:00:01 eivind Exp
 * $FreeBSD: src/lib/libutil/login_cap.h,v 1.3.2.1 2000/09/20 11:19:54 green Exp $
 * $DragonFly: src/lib/libutil/login_cap.h,v 1.3 2003/11/12 20:21:31 eirikn Exp $
 */

/*
 * Interface declarations only: constants, the login_cap_t and login_time_t
 * types, and function prototypes.  No function is defined in this header.
 *
 * NOTE(review): the only header included below is <sys/cdefs.h>, yet the
 * declarations use u_short, u_char, rlim_t, uid_t and time_t.  Unless
 * <sys/cdefs.h> supplies them, the including file has to make those types
 * visible before including this header -- confirm against the build.
 */

#ifndef _LOGIN_CAP_H_
#define _LOGIN_CAP_H_

/* String and numeric defaults, going by the DEF prefix in the names. */
#define LOGIN_DEFCLASS		"default"
#define LOGIN_DEFROOTCLASS	"root"
#define LOGIN_MECLASS		"me"
#define LOGIN_DEFSTYLE		"passwd"
#define LOGIN_DEFSERVICE	"login"
#define LOGIN_DEFUMASK		022	/* octal; as a umask it clears the group and other write bits */
#define LOGIN_DEFPRI		0
#define _PATH_LOGIN_CONF	"/etc/login.conf"
/*
 * NOTE(review): a relative name, presumably a per-user file looked up under
 * the user's home directory.  If so, its content is controlled by that user
 * and should not be relied on for decisions that restrict the user --
 * confirm how the implementation uses it.
 */
#define _FILE_LOGIN_CONF	".login_conf"
/*
 * NOTE(review): the trailing underscore suggests a prefix that is completed
 * with another string (presumably an authentication style name) to form a
 * program path.  If so, that string becomes part of an executable path and
 * should only come from a validated source -- confirm in the implementation.
 */
#define _PATH_AUTHPROG		"/usr/libexec/login_"

/*
 * Context-selection bit flags, one bit each.  Presumably these are what the
 * unsigned int argument of setclasscontext() and setusercontext() carries --
 * confirm against the implementation.
 */
#define LOGIN_SETGROUP		0x0001	/* set group */
#define LOGIN_SETLOGIN		0x0002	/* set login (via setlogin) */
#define LOGIN_SETPATH		0x0004	/* set path */
#define LOGIN_SETPRIORITY	0x0008	/* set priority */
#define LOGIN_SETRESOURCES	0x0010	/* set resources (cputime, etc.) */
#define LOGIN_SETUMASK		0x0020	/* set umask, obviously */
#define LOGIN_SETUSER		0x0040	/* set user (via setuid) */
#define LOGIN_SETENV		0x0080	/* set user environment */
/* 0x00ff is exactly the bitwise OR of the eight flags above. */
#define LOGIN_SETALL		0x00ff	/* set everything */

/*
 * Keyword strings; the trailing comments give their meaning.
 * Several values share a prefix ("reject" / "reject silent" /
 * "reject challenge", "authorize" / "authorize root" / "authorize secure"),
 * so a parser that matches only a leading substring cannot tell them apart.
 * NOTE(review): confirm how the implementation compares them.
 */
#define BI_AUTH		"authorize"		/* accepted authentication */
#define BI_REJECT	"reject"		/* rejected authentication */
#define BI_CHALLENG	"reject challenge"	/* reject with a challenge */
#define BI_SILENT	"reject silent"		/* reject silently */
#define BI_REMOVE	"remove"		/* remove file on error */
#define BI_ROOTOKAY	"authorize root"	/* root authenticated */
#define BI_SECURE	"authorize secure"	/* okay on non-secure line */
#define BI_SETENV	"setenv"		/* set environment variable */
#define BI_VALUE	"value"			/* set local variable */

/* Authentication result bit flags, one bit each. */
#define AUTH_OKAY	0x01		/* user authenticated */
#define AUTH_ROOTOKAY	0x02		/* root login okay */
#define AUTH_SECURE	0x04		/* secure login */
#define AUTH_SILENT	0x08		/* silent rejection */
#define AUTH_CHALLENGE	0x10		/* a challenge was given */

/*
 * Mask of the three accepting bits (0x01 | 0x02 | 0x04 == 0x07).
 * AUTH_SILENT and AUTH_CHALLENGE are deliberately not part of it.
 */
#define AUTH_ALLOW	(AUTH_OKAY | AUTH_ROOTOKAY | AUTH_SECURE)

/*
 * Handle for a login class: three string pointers.
 * NOTE(review): who allocates and frees these strings is not visible in this
 * header; login_close() presumably releases them -- confirm.
 */
typedef struct login_cap {
	char *lc_class;
	char *lc_cap;
	char *lc_style;
} login_cap_t;

/*
 * One time window: a start, an end, and a day-of-week bit mask.
 * NOTE(review): the unit of lt_start and lt_end is not stated here --
 * TODO confirm.
 */
typedef struct login_time {
	u_short	lt_start;	/* Start time */
	u_short	lt_end;		/* End time */
/* Day bits for lt_dow, Sunday (0x01) through Saturday (0x40). */
#define LTM_NONE  0x00
#define LTM_SUN   0x01
#define LTM_MON   0x02
#define LTM_TUE   0x04
#define LTM_WED   0x08
#define LTM_THU   0x10
#define LTM_FRI   0x20
#define LTM_SAT   0x40
#define LTM_ANY   0x7F	/* all seven day bits */
#define LTM_WK    0x3E	/* LTM_MON through LTM_FRI */
#define LTM_WD    0x41	/* LTM_SUN | LTM_SAT */
	u_char	lt_dow;		/* Days of week */
} login_time_t;

/* NOTE(review): presumably the maximum number of login_time_t entries handled -- confirm. */
#define LC_MAXTIMES 64

#include <sys/cdefs.h>
__BEGIN_DECLS
struct passwd;	/* forward declaration; only pointers to it are used below */

/* Obtaining and releasing a login_cap_t handle. */
void login_close (login_cap_t *);
login_cap_t *login_getclassbyname (const char *, const struct passwd *);
login_cap_t *login_getclass (const char *);
login_cap_t *login_getpwclass (const struct passwd *);
login_cap_t *login_getuserclass (const struct passwd *);

/*
 * Capability getters.
 * NOTE(review): several of these return non-const char * or char **; whether
 * the caller owns the result and must free it is not visible here -- confirm
 * before freeing or caching a returned pointer.
 */
char *login_getcapstr (login_cap_t*, const char *, char *, char *);
char **login_getcaplist (login_cap_t *, const char *, const char *);
char *login_getstyle (login_cap_t *, char *, const char *);
rlim_t login_getcaptime (login_cap_t *, const char *, rlim_t, rlim_t);
rlim_t login_getcapnum (login_cap_t *, const char *, rlim_t, rlim_t);
rlim_t login_getcapsize (login_cap_t *, const char *, rlim_t, rlim_t);
char *login_getpath (login_cap_t *, const char *, char *);
int login_getcapbool (login_cap_t *, const char *, int);
const char *login_setcryptfmt (login_cap_t *, const char *, const char *);

/*
 * Applying a class or user context to the calling process.
 * NOTE(review): setclasscontext() and setusercontext() return int, presumably
 * a success/failure status.  LOGIN_SETUSER and LOGIN_SETGROUP are described
 * above as setting the user and group, so a caller that relies on these
 * functions to give up privileges should check the result and stop on
 * failure instead of continuing with its previous credentials -- confirm the
 * return convention in the implementation.
 */
int setclasscontext (const char*, unsigned int);
int setusercontext (login_cap_t*, const struct passwd*, uid_t, unsigned int);
void setclassresources (login_cap_t *);
void setclassenvironment (login_cap_t *, const struct passwd *, int);

/* Most of these functions are deprecated */
int auth_approve (login_cap_t*, const char*, const char*);
int auth_check (const char *, const char *, const char *, const char *, int *);
void auth_env (void);
char *auth_mkvalue (const char *n);
int auth_response (const char *, const char *, const char *, const char *, int *, const char *, const char *);
void auth_rmfiles (void);
int auth_scan (int);
int auth_script (const char*, ...);
int auth_script_data (const char *, int, const char *, ...);
/* NOTE(review): spelled auth_valud here; it is an exported name, so verify against the implementation before renaming. */
char *auth_valud (const char *);
int auth_setopt (const char *, const char *);
void auth_clropts (void);

void auth_checknologin (login_cap_t*);
int auth_cat (const char*);

/*
 * Access checks by terminal, host and time.
 * NOTE(review): the meaning of the int result (which value means "allowed")
 * is not visible in this header -- confirm before using it in a condition.
 */
int auth_ttyok (login_cap_t*, const char *);
int auth_hostok (login_cap_t*, const char *, char const *);
int auth_timeok (login_cap_t*, time_t);

struct tm;	/* forward declaration; only pointers to it are used below */

/* login_time_t parsing and matching. */
login_time_t parse_lt (const char *);
int in_ltm (const login_time_t *, struct tm *, time_t *);
int in_ltms (const login_time_t *, struct tm *, time_t *);

/* helper functions */

int login_strinlist (char **, char const *, int);
int login_str2inlist (char **, const char *, const char *, int);
login_time_t * login_timelist (login_cap_t *, char const *, int *, login_time_t **);
int login_ttyok (login_cap_t *, const char *, const char *, const char *);
int login_hostok (login_cap_t *, const char *, const char *, const char *, const char *);

__END_DECLS

#endif /* _LOGIN_CAP_H_ */