1/*- 2 * Copyright (c) 1996 by 3 * Sean Eric Fagan <sef@kithrup.com> 4 * David Nugent <davidn@blaze.net.au> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, is permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice immediately at the beginning of the file, without modification, 12 * this list of conditions, and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. This work was done expressly for inclusion into FreeBSD. Other use 17 * is permitted provided this notation is included. 18 * 4. Absolutely no warranty of function or purpose is made by the authors. 19 * 5. Modifications may be freely made to this file providing the above 20 * conditions are met. 21 * 22 * Low-level routines relating to the user capabilities database 23 * 24 * Was login_cap.h,v 1.9 1997/05/07 20:00:01 eivind Exp
| 1/*- 2 * Copyright (c) 1996 by 3 * Sean Eric Fagan <sef@kithrup.com> 4 * David Nugent <davidn@blaze.net.au> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, is permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice immediately at the beginning of the file, without modification, 12 * this list of conditions, and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. This work was done expressly for inclusion into FreeBSD. Other use 17 * is permitted provided this notation is included. 18 * 4. Absolutely no warranty of function or purpose is made by the authors. 19 * 5. Modifications may be freely made to this file providing the above 20 * conditions are met. 21 * 22 * Low-level routines relating to the user capabilities database 23 * 24 * Was login_cap.h,v 1.9 1997/05/07 20:00:01 eivind Exp
|
26 */ 27 28#ifndef _LOGIN_CAP_H_ 29#define _LOGIN_CAP_H_ 30 31#define LOGIN_DEFCLASS "default" 32#define LOGIN_DEFROOTCLASS "root" 33#define LOGIN_MECLASS "me" 34#define LOGIN_DEFSTYLE "passwd" 35#define LOGIN_DEFSERVICE "login" 36#define LOGIN_DEFUMASK 022 37#define LOGIN_DEFPRI 0 38#define _PATH_LOGIN_CONF "/etc/login.conf" 39#define _FILE_LOGIN_CONF ".login_conf" 40#define _PATH_AUTHPROG "/usr/libexec/login_" 41 42#define LOGIN_SETGROUP 0x0001 /* set group */ 43#define LOGIN_SETLOGIN 0x0002 /* set login (via setlogin) */ 44#define LOGIN_SETPATH 0x0004 /* set path */ 45#define LOGIN_SETPRIORITY 0x0008 /* set priority */ 46#define LOGIN_SETRESOURCES 0x0010 /* set resources (cputime, etc.) */ 47#define LOGIN_SETUMASK 0x0020 /* set umask, obviously */ 48#define LOGIN_SETUSER 0x0040 /* set user (via setuid) */ 49#define LOGIN_SETENV 0x0080 /* set user environment */ 50#define LOGIN_SETMAC 0x0100 /* set user default MAC label */ 51#define LOGIN_SETCPUMASK 0x0200 /* set user cpumask */ 52#define LOGIN_SETALL 0x03ff /* set everything */ 53 54#define BI_AUTH "authorize" /* accepted authentication */ 55#define BI_REJECT "reject" /* rejected authentication */ 56#define BI_CHALLENG "reject challenge" /* reject with a challenge */ 57#define BI_SILENT "reject silent" /* reject silently */ 58#define BI_REMOVE "remove" /* remove file on error */ 59#define BI_ROOTOKAY "authorize root" /* root authenticated */ 60#define BI_SECURE "authorize secure" /* okay on non-secure line */ 61#define BI_SETENV "setenv" /* set environment variable */ 62#define BI_VALUE "value" /* set local variable */ 63 64#define AUTH_OKAY 0x01 /* user authenticated */ 65#define AUTH_ROOTOKAY 0x02 /* root login okay */ 66#define AUTH_SECURE 0x04 /* secure login */ 67#define AUTH_SILENT 0x08 /* silent rejection */ 68#define AUTH_CHALLENGE 0x10 /* a chellenge was given */ 69 70#define AUTH_ALLOW (AUTH_OKAY | AUTH_ROOTOKAY | AUTH_SECURE) 71 72typedef struct login_cap { 73 char *lc_class; 74 char *lc_cap; 75 char *lc_style; 76} login_cap_t; 77 78typedef struct login_time { 79 u_short lt_start; /* Start time */ 80 u_short lt_end; /* End time */ 81#define LTM_NONE 0x00 82#define LTM_SUN 0x01 83#define LTM_MON 0x02 84#define LTM_TUE 0x04 85#define LTM_WED 0x08 86#define LTM_THU 0x10 87#define LTM_FRI 0x20 88#define LTM_SAT 0x40 89#define LTM_ANY 0x7F 90#define LTM_WK 0x3E 91#define LTM_WD 0x41 92 u_char lt_dow; /* Days of week */ 93} login_time_t; 94 95#define LC_MAXTIMES 64 96 97#include <sys/cdefs.h> 98__BEGIN_DECLS 99struct passwd; 100 101void login_close(login_cap_t *); 102login_cap_t *login_getclassbyname(const char *, const struct passwd *); 103login_cap_t *login_getclass(const char *); 104login_cap_t *login_getpwclass(const struct passwd *); 105login_cap_t *login_getuserclass(const struct passwd *); 106 107const char *login_getcapstr(login_cap_t *, const char *, const char *, 108 const char *); 109const char **login_getcaplist(login_cap_t *, const char *, const char *); 110const char *login_getstyle(login_cap_t *, const char *, const char *); 111rlim_t login_getcaptime(login_cap_t *, const char *, rlim_t, rlim_t); 112rlim_t login_getcapnum(login_cap_t *, const char *, rlim_t, rlim_t); 113rlim_t login_getcapsize(login_cap_t *, const char *, rlim_t, rlim_t); 114const char *login_getpath(login_cap_t *, const char *, const char *); 115int login_getcapbool(login_cap_t *, const char *, int); 116const char *login_setcryptfmt(login_cap_t *, const char *, const char *); 117 118int setclasscontext(const char *, unsigned int); 119void setclasscpumask(login_cap_t *); 120int setusercontext(login_cap_t *, const struct passwd *, uid_t, unsigned int); 121void setclassresources(login_cap_t *); 122void setclassenvironment(login_cap_t *, const struct passwd *, int); 123 124/* Most of these functions are deprecated */ 125int auth_approve(login_cap_t *, const char *, const char *); 126int auth_check(const char *, const char *, const char *, const char *, int *); 127void auth_env(void); 128char *auth_mkvalue(const char *); 129int auth_response(const char *, const char *, const char *, const char *, int *, 130 const char *, const char *); 131void auth_rmfiles(void); 132int auth_scan(int); 133int auth_script(const char *, ...); 134int auth_script_data(const char *, int, const char *, ...); 135char *auth_valud(const char *); 136int auth_setopt(const char *, const char *); 137void auth_clropts(void); 138 139void auth_checknologin(login_cap_t *); 140int auth_cat(const char *); 141 142int auth_ttyok(login_cap_t *, const char *); 143int auth_hostok(login_cap_t *, const char *, char const *); 144int auth_timeok(login_cap_t *, time_t); 145 146struct tm; 147 148login_time_t parse_lt(const char *);
| 26 */ 27 28#ifndef _LOGIN_CAP_H_ 29#define _LOGIN_CAP_H_ 30 31#define LOGIN_DEFCLASS "default" 32#define LOGIN_DEFROOTCLASS "root" 33#define LOGIN_MECLASS "me" 34#define LOGIN_DEFSTYLE "passwd" 35#define LOGIN_DEFSERVICE "login" 36#define LOGIN_DEFUMASK 022 37#define LOGIN_DEFPRI 0 38#define _PATH_LOGIN_CONF "/etc/login.conf" 39#define _FILE_LOGIN_CONF ".login_conf" 40#define _PATH_AUTHPROG "/usr/libexec/login_" 41 42#define LOGIN_SETGROUP 0x0001 /* set group */ 43#define LOGIN_SETLOGIN 0x0002 /* set login (via setlogin) */ 44#define LOGIN_SETPATH 0x0004 /* set path */ 45#define LOGIN_SETPRIORITY 0x0008 /* set priority */ 46#define LOGIN_SETRESOURCES 0x0010 /* set resources (cputime, etc.) */ 47#define LOGIN_SETUMASK 0x0020 /* set umask, obviously */ 48#define LOGIN_SETUSER 0x0040 /* set user (via setuid) */ 49#define LOGIN_SETENV 0x0080 /* set user environment */ 50#define LOGIN_SETMAC 0x0100 /* set user default MAC label */ 51#define LOGIN_SETCPUMASK 0x0200 /* set user cpumask */ 52#define LOGIN_SETALL 0x03ff /* set everything */ 53 54#define BI_AUTH "authorize" /* accepted authentication */ 55#define BI_REJECT "reject" /* rejected authentication */ 56#define BI_CHALLENG "reject challenge" /* reject with a challenge */ 57#define BI_SILENT "reject silent" /* reject silently */ 58#define BI_REMOVE "remove" /* remove file on error */ 59#define BI_ROOTOKAY "authorize root" /* root authenticated */ 60#define BI_SECURE "authorize secure" /* okay on non-secure line */ 61#define BI_SETENV "setenv" /* set environment variable */ 62#define BI_VALUE "value" /* set local variable */ 63 64#define AUTH_OKAY 0x01 /* user authenticated */ 65#define AUTH_ROOTOKAY 0x02 /* root login okay */ 66#define AUTH_SECURE 0x04 /* secure login */ 67#define AUTH_SILENT 0x08 /* silent rejection */ 68#define AUTH_CHALLENGE 0x10 /* a chellenge was given */ 69 70#define AUTH_ALLOW (AUTH_OKAY | AUTH_ROOTOKAY | AUTH_SECURE) 71 72typedef struct login_cap { 73 char *lc_class; 74 char *lc_cap; 75 char *lc_style; 76} login_cap_t; 77 78typedef struct login_time { 79 u_short lt_start; /* Start time */ 80 u_short lt_end; /* End time */ 81#define LTM_NONE 0x00 82#define LTM_SUN 0x01 83#define LTM_MON 0x02 84#define LTM_TUE 0x04 85#define LTM_WED 0x08 86#define LTM_THU 0x10 87#define LTM_FRI 0x20 88#define LTM_SAT 0x40 89#define LTM_ANY 0x7F 90#define LTM_WK 0x3E 91#define LTM_WD 0x41 92 u_char lt_dow; /* Days of week */ 93} login_time_t; 94 95#define LC_MAXTIMES 64 96 97#include <sys/cdefs.h> 98__BEGIN_DECLS 99struct passwd; 100 101void login_close(login_cap_t *); 102login_cap_t *login_getclassbyname(const char *, const struct passwd *); 103login_cap_t *login_getclass(const char *); 104login_cap_t *login_getpwclass(const struct passwd *); 105login_cap_t *login_getuserclass(const struct passwd *); 106 107const char *login_getcapstr(login_cap_t *, const char *, const char *, 108 const char *); 109const char **login_getcaplist(login_cap_t *, const char *, const char *); 110const char *login_getstyle(login_cap_t *, const char *, const char *); 111rlim_t login_getcaptime(login_cap_t *, const char *, rlim_t, rlim_t); 112rlim_t login_getcapnum(login_cap_t *, const char *, rlim_t, rlim_t); 113rlim_t login_getcapsize(login_cap_t *, const char *, rlim_t, rlim_t); 114const char *login_getpath(login_cap_t *, const char *, const char *); 115int login_getcapbool(login_cap_t *, const char *, int); 116const char *login_setcryptfmt(login_cap_t *, const char *, const char *); 117 118int setclasscontext(const char *, unsigned int); 119void setclasscpumask(login_cap_t *); 120int setusercontext(login_cap_t *, const struct passwd *, uid_t, unsigned int); 121void setclassresources(login_cap_t *); 122void setclassenvironment(login_cap_t *, const struct passwd *, int); 123 124/* Most of these functions are deprecated */ 125int auth_approve(login_cap_t *, const char *, const char *); 126int auth_check(const char *, const char *, const char *, const char *, int *); 127void auth_env(void); 128char *auth_mkvalue(const char *); 129int auth_response(const char *, const char *, const char *, const char *, int *, 130 const char *, const char *); 131void auth_rmfiles(void); 132int auth_scan(int); 133int auth_script(const char *, ...); 134int auth_script_data(const char *, int, const char *, ...); 135char *auth_valud(const char *); 136int auth_setopt(const char *, const char *); 137void auth_clropts(void); 138 139void auth_checknologin(login_cap_t *); 140int auth_cat(const char *); 141 142int auth_ttyok(login_cap_t *, const char *); 143int auth_hostok(login_cap_t *, const char *, char const *); 144int auth_timeok(login_cap_t *, time_t); 145 146struct tm; 147 148login_time_t parse_lt(const char *);
|
151 152/* helper functions */ 153 154int login_strinlist(const char **, char const *, int); 155int login_str2inlist(const char **, const char *, const char *, int); 156login_time_t * login_timelist(login_cap_t *, char const *, int *, 157 login_time_t **); 158int login_ttyok(login_cap_t *, const char *, const char *, const char *); 159int login_hostok(login_cap_t *, const char *, const char *, const char *, 160 const char *); 161 162__END_DECLS 163 164#endif /* _LOGIN_CAP_H_ */
| 153 154/* helper functions */ 155 156int login_strinlist(const char **, char const *, int); 157int login_str2inlist(const char **, const char *, const char *, int); 158login_time_t * login_timelist(login_cap_t *, char const *, int *, 159 login_time_t **); 160int login_ttyok(login_cap_t *, const char *, const char *, const char *); 161int login_hostok(login_cap_t *, const char *, const char *, const char *, 162 const char *); 163 164__END_DECLS 165 166#endif /* _LOGIN_CAP_H_ */
|