xref: /openbsd/include/login_cap.h (revision 805ea040) 
1*805ea040Stedu /*	$OpenBSD: login_cap.h,v 1.19 2022/03/01 01:22:11 tedu Exp $	*/
2362f029cSmillert 
3362f029cSmillert /*-
4362f029cSmillert  * Copyright (c) 1995,1997 Berkeley Software Design, Inc. All rights reserved.
5362f029cSmillert  *
6362f029cSmillert  * Redistribution and use in source and binary forms, with or without
7362f029cSmillert  * modification, are permitted provided that the following conditions
8362f029cSmillert  * are met:
9362f029cSmillert  * 1. Redistributions of source code must retain the above copyright
10362f029cSmillert  *    notice, this list of conditions and the following disclaimer.
11362f029cSmillert  * 2. Redistributions in binary form must reproduce the above copyright
12362f029cSmillert  *    notice, this list of conditions and the following disclaimer in the
13362f029cSmillert  *    documentation and/or other materials provided with the distribution.
14362f029cSmillert  * 3. All advertising materials mentioning features or use of this software
15362f029cSmillert  *    must display the following acknowledgement:
16362f029cSmillert  *	This product includes software developed by Berkeley Software Design,
17362f029cSmillert  *	Inc.
18362f029cSmillert  * 4. The name of Berkeley Software Design, Inc.  may not be used to endorse
19362f029cSmillert  *    or promote products derived from this software without specific prior
20362f029cSmillert  *    written permission.
21362f029cSmillert  *
22362f029cSmillert  * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN, INC. ``AS IS'' AND
23362f029cSmillert  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24362f029cSmillert  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25362f029cSmillert  * ARE DISCLAIMED.  IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN, INC. BE LIABLE
26362f029cSmillert  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27362f029cSmillert  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28362f029cSmillert  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29362f029cSmillert  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30362f029cSmillert  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31362f029cSmillert  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32362f029cSmillert  * SUCH DAMAGE.
33362f029cSmillert  *
34362f029cSmillert  *	BSDI $From: login_cap.h,v 2.11 1999/09/08 18:11:57 prb Exp $
35362f029cSmillert  */
36362f029cSmillert 
37504e5da2Smillert #ifndef _LOGIN_CAP_H_
38504e5da2Smillert #define _LOGIN_CAP_H_
39504e5da2Smillert 
40362f029cSmillert #define	LOGIN_DEFCLASS		"default"
41756873d8Smillert #define	LOGIN_DEFSTYLE		"passwd"
42362f029cSmillert #define	LOGIN_DEFSERVICE	"login"
43362f029cSmillert #define	LOGIN_DEFUMASK		022
44362f029cSmillert #define	_PATH_LOGIN_CONF	"/etc/login.conf"
45d7bd1adbSrobert #define	_PATH_LOGIN_CONF_D	"/etc/login.conf.d"
462b699e5cSderaadt #define	_PATH_AUTHPROGDIR	"/usr/libexec/auth"
47362f029cSmillert #define	_PATH_AUTHPROG		"/usr/libexec/auth/login_"
48362f029cSmillert 
49362f029cSmillert #define	LOGIN_SETGROUP		0x0001	/* Set group */
50362f029cSmillert #define	LOGIN_SETLOGIN		0x0002	/* Set login */
51362f029cSmillert #define	LOGIN_SETPATH		0x0004	/* Set path */
52362f029cSmillert #define	LOGIN_SETPRIORITY	0x0008	/* Set priority */
53362f029cSmillert #define	LOGIN_SETRESOURCES	0x0010	/* Set resource limits */
54362f029cSmillert #define	LOGIN_SETUMASK		0x0020	/* Set umask */
55362f029cSmillert #define	LOGIN_SETUSER		0x0040	/* Set user */
561b4bf431Smillert #define	LOGIN_SETENV		0x0080	/* Set environment */
57*805ea040Stedu #define	LOGIN_SETRTABLE		0x0100	/* Set rtable */
58*805ea040Stedu #define	LOGIN_SETALL 		0x01ff	/* Set all. */
59362f029cSmillert 
60362f029cSmillert #define	BI_AUTH		"authorize"		/* Accepted authentication */
61362f029cSmillert #define	BI_REJECT	"reject"		/* Rejected authentication */
62362f029cSmillert #define	BI_CHALLENGE	"reject challenge"	/* Reject with a challenge */
63362f029cSmillert #define	BI_SILENT	"reject silent"		/* Reject silently */
64362f029cSmillert #define	BI_REMOVE	"remove"		/* remove file on error */
65362f029cSmillert #define	BI_ROOTOKAY	"authorize root"	/* root authenticated */
66362f029cSmillert #define	BI_SECURE	"authorize secure"	/* okay on non-secure line */
67362f029cSmillert #define	BI_SETENV	"setenv"		/* set environment variable */
68362f029cSmillert #define	BI_UNSETENV	"unsetenv"		/* unset environment variable */
69362f029cSmillert #define	BI_VALUE	"value"			/* set local variable */
70362f029cSmillert #define	BI_EXPIRED	"reject expired"	/* account expired */
71362f029cSmillert #define	BI_PWEXPIRED	"reject pwexpired"	/* password expired */
724f52662fSmillert #define	BI_FDPASS	"fd"			/* child is passing an fd */
73362f029cSmillert 
74362f029cSmillert /*
75362f029cSmillert  * bits which can be returned by authenticate()/auth_scan()
76362f029cSmillert  */
7782fb7937Sderaadt #define	AUTH_OKAY	0x01			/* user authenticated */
78362f029cSmillert #define	AUTH_ROOTOKAY	0x02			/* authenticated as root */
79362f029cSmillert #define	AUTH_SECURE	0x04			/* secure login */
80362f029cSmillert #define	AUTH_SILENT	0x08			/* silent rejection */
81362f029cSmillert #define	AUTH_CHALLENGE	0x10			/* a challenge was given */
82362f029cSmillert #define	AUTH_EXPIRED	0x20			/* account expired */
83362f029cSmillert #define	AUTH_PWEXPIRED	0x40			/* password expired */
84362f029cSmillert 
85362f029cSmillert #define	AUTH_ALLOW	(AUTH_OKAY | AUTH_ROOTOKAY | AUTH_SECURE)
86362f029cSmillert 
879528a93aSmillert typedef struct login_cap {
88362f029cSmillert 	char	*lc_class;
89362f029cSmillert 	char	*lc_cap;
90362f029cSmillert 	char	*lc_style;
91362f029cSmillert } login_cap_t;
92362f029cSmillert 
93362f029cSmillert #include <sys/cdefs.h>
94362f029cSmillert __BEGIN_DECLS
95362f029cSmillert struct passwd;
96362f029cSmillert 
97c72b5b24Smillert login_cap_t *login_getclass(char *);
98c72b5b24Smillert void	 login_close(login_cap_t *);
99d1f942abSespie int	 login_getcapbool(login_cap_t *, char *, unsigned int);
100c72b5b24Smillert quad_t	 login_getcapnum(login_cap_t *, char *, quad_t, quad_t);
101c72b5b24Smillert quad_t	 login_getcapsize(login_cap_t *, char *, quad_t, quad_t);
102c72b5b24Smillert char	*login_getcapstr(login_cap_t *, char *, char *, char *);
103c72b5b24Smillert quad_t	 login_getcaptime(login_cap_t *, char *, quad_t, quad_t);
104c72b5b24Smillert char	*login_getstyle(login_cap_t *, char *, char *);
105362f029cSmillert 
106d1f942abSespie int	setclasscontext(char *, unsigned int);
107d1f942abSespie int	setusercontext(login_cap_t *, struct passwd *, uid_t, unsigned int);
108362f029cSmillert 
109362f029cSmillert __END_DECLS
110504e5da2Smillert 
111504e5da2Smillert #endif /* _LOGIN_CAP_H_ */
112