1*805ea040Stedu /* $OpenBSD: login_cap.h,v 1.19 2022/03/01 01:22:11 tedu Exp $ */ 2362f029cSmillert 3362f029cSmillert /*- 4362f029cSmillert * Copyright (c) 1995,1997 Berkeley Software Design, Inc. All rights reserved. 5362f029cSmillert * 6362f029cSmillert * Redistribution and use in source and binary forms, with or without 7362f029cSmillert * modification, are permitted provided that the following conditions 8362f029cSmillert * are met: 9362f029cSmillert * 1. Redistributions of source code must retain the above copyright 10362f029cSmillert * notice, this list of conditions and the following disclaimer. 11362f029cSmillert * 2. Redistributions in binary form must reproduce the above copyright 12362f029cSmillert * notice, this list of conditions and the following disclaimer in the 13362f029cSmillert * documentation and/or other materials provided with the distribution. 14362f029cSmillert * 3. All advertising materials mentioning features or use of this software 15362f029cSmillert * must display the following acknowledgement: 16362f029cSmillert * This product includes software developed by Berkeley Software Design, 17362f029cSmillert * Inc. 18362f029cSmillert * 4. The name of Berkeley Software Design, Inc. may not be used to endorse 19362f029cSmillert * or promote products derived from this software without specific prior 20362f029cSmillert * written permission. 21362f029cSmillert * 22362f029cSmillert * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN, INC. ``AS IS'' AND 23362f029cSmillert * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24362f029cSmillert * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25362f029cSmillert * ARE DISCLAIMED. IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN, INC. BE LIABLE 26362f029cSmillert * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27362f029cSmillert * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28362f029cSmillert * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29362f029cSmillert * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30362f029cSmillert * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31362f029cSmillert * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32362f029cSmillert * SUCH DAMAGE. 33362f029cSmillert * 34362f029cSmillert * BSDI $From: login_cap.h,v 2.11 1999/09/08 18:11:57 prb Exp $ 35362f029cSmillert */ 36362f029cSmillert 37504e5da2Smillert #ifndef _LOGIN_CAP_H_ 38504e5da2Smillert #define _LOGIN_CAP_H_ 39504e5da2Smillert 40362f029cSmillert #define LOGIN_DEFCLASS "default" 41756873d8Smillert #define LOGIN_DEFSTYLE "passwd" 42362f029cSmillert #define LOGIN_DEFSERVICE "login" 43362f029cSmillert #define LOGIN_DEFUMASK 022 44362f029cSmillert #define _PATH_LOGIN_CONF "/etc/login.conf" 45d7bd1adbSrobert #define _PATH_LOGIN_CONF_D "/etc/login.conf.d" 462b699e5cSderaadt #define _PATH_AUTHPROGDIR "/usr/libexec/auth" 47362f029cSmillert #define _PATH_AUTHPROG "/usr/libexec/auth/login_" 48362f029cSmillert 49362f029cSmillert #define LOGIN_SETGROUP 0x0001 /* Set group */ 50362f029cSmillert #define LOGIN_SETLOGIN 0x0002 /* Set login */ 51362f029cSmillert #define LOGIN_SETPATH 0x0004 /* Set path */ 52362f029cSmillert #define LOGIN_SETPRIORITY 0x0008 /* Set priority */ 53362f029cSmillert #define LOGIN_SETRESOURCES 0x0010 /* Set resource limits */ 54362f029cSmillert #define LOGIN_SETUMASK 0x0020 /* Set umask */ 55362f029cSmillert #define LOGIN_SETUSER 0x0040 /* Set user */ 561b4bf431Smillert #define LOGIN_SETENV 0x0080 /* Set environment */ 57*805ea040Stedu #define LOGIN_SETRTABLE 0x0100 /* Set rtable */ 58*805ea040Stedu #define LOGIN_SETALL 0x01ff /* Set all. */ 59362f029cSmillert 60362f029cSmillert #define BI_AUTH "authorize" /* Accepted authentication */ 61362f029cSmillert #define BI_REJECT "reject" /* Rejected authentication */ 62362f029cSmillert #define BI_CHALLENGE "reject challenge" /* Reject with a challenge */ 63362f029cSmillert #define BI_SILENT "reject silent" /* Reject silently */ 64362f029cSmillert #define BI_REMOVE "remove" /* remove file on error */ 65362f029cSmillert #define BI_ROOTOKAY "authorize root" /* root authenticated */ 66362f029cSmillert #define BI_SECURE "authorize secure" /* okay on non-secure line */ 67362f029cSmillert #define BI_SETENV "setenv" /* set environment variable */ 68362f029cSmillert #define BI_UNSETENV "unsetenv" /* unset environment variable */ 69362f029cSmillert #define BI_VALUE "value" /* set local variable */ 70362f029cSmillert #define BI_EXPIRED "reject expired" /* account expired */ 71362f029cSmillert #define BI_PWEXPIRED "reject pwexpired" /* password expired */ 724f52662fSmillert #define BI_FDPASS "fd" /* child is passing an fd */ 73362f029cSmillert 74362f029cSmillert /* 75362f029cSmillert * bits which can be returned by authenticate()/auth_scan() 76362f029cSmillert */ 7782fb7937Sderaadt #define AUTH_OKAY 0x01 /* user authenticated */ 78362f029cSmillert #define AUTH_ROOTOKAY 0x02 /* authenticated as root */ 79362f029cSmillert #define AUTH_SECURE 0x04 /* secure login */ 80362f029cSmillert #define AUTH_SILENT 0x08 /* silent rejection */ 81362f029cSmillert #define AUTH_CHALLENGE 0x10 /* a challenge was given */ 82362f029cSmillert #define AUTH_EXPIRED 0x20 /* account expired */ 83362f029cSmillert #define AUTH_PWEXPIRED 0x40 /* password expired */ 84362f029cSmillert 85362f029cSmillert #define AUTH_ALLOW (AUTH_OKAY | AUTH_ROOTOKAY | AUTH_SECURE) 86362f029cSmillert 879528a93aSmillert typedef struct login_cap { 88362f029cSmillert char *lc_class; 89362f029cSmillert char *lc_cap; 90362f029cSmillert char *lc_style; 91362f029cSmillert } login_cap_t; 92362f029cSmillert 93362f029cSmillert #include <sys/cdefs.h> 94362f029cSmillert __BEGIN_DECLS 95362f029cSmillert struct passwd; 96362f029cSmillert 97c72b5b24Smillert login_cap_t *login_getclass(char *); 98c72b5b24Smillert void login_close(login_cap_t *); 99d1f942abSespie int login_getcapbool(login_cap_t *, char *, unsigned int); 100c72b5b24Smillert quad_t login_getcapnum(login_cap_t *, char *, quad_t, quad_t); 101c72b5b24Smillert quad_t login_getcapsize(login_cap_t *, char *, quad_t, quad_t); 102c72b5b24Smillert char *login_getcapstr(login_cap_t *, char *, char *, char *); 103c72b5b24Smillert quad_t login_getcaptime(login_cap_t *, char *, quad_t, quad_t); 104c72b5b24Smillert char *login_getstyle(login_cap_t *, char *, char *); 105362f029cSmillert 106d1f942abSespie int setclasscontext(char *, unsigned int); 107d1f942abSespie int setusercontext(login_cap_t *, struct passwd *, uid_t, unsigned int); 108362f029cSmillert 109362f029cSmillert __END_DECLS 110504e5da2Smillert 111504e5da2Smillert #endif /* _LOGIN_CAP_H_ */ 112