1/*-
2 * Copyright (c) 1996 by
3 * Sean Eric Fagan <sef@kithrup.com>
4 * David Nugent <davidn@blaze.net.au>
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, is permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice immediately at the beginning of the file, without modification,
12 * this list of conditions, and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. This work was done expressly for inclusion into FreeBSD. Other use
17 * is permitted provided this notation is included.
18 * 4. Absolutely no warranty of function or purpose is made by the authors.
19 * 5. Modifications may be freely made to this file providing the above
20 * conditions are met.
21 *
22 * Low-level routines relating to the user capabilities database
23 *
24 * Was login_cap.h,v 1.9 1997/05/07 20:00:01 eivind Exp
| 1/*-
2 * Copyright (c) 1996 by
3 * Sean Eric Fagan <sef@kithrup.com>
4 * David Nugent <davidn@blaze.net.au>
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, is permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice immediately at the beginning of the file, without modification,
12 * this list of conditions, and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. This work was done expressly for inclusion into FreeBSD. Other use
17 * is permitted provided this notation is included.
18 * 4. Absolutely no warranty of function or purpose is made by the authors.
19 * 5. Modifications may be freely made to this file providing the above
20 * conditions are met.
21 *
22 * Low-level routines relating to the user capabilities database
23 *
24 * Was login_cap.h,v 1.9 1997/05/07 20:00:01 eivind Exp
|
26 */
27
28#ifndef _LOGIN_CAP_H_
29#define _LOGIN_CAP_H_
30
31#define LOGIN_DEFCLASS "default"
32#define LOGIN_DEFROOTCLASS "root"
33#define LOGIN_MECLASS "me"
34#define LOGIN_DEFSTYLE "passwd"
35#define LOGIN_DEFSERVICE "login"
36#define LOGIN_DEFUMASK 022
37#define LOGIN_DEFPRI 0
38#define _PATH_LOGIN_CONF "/etc/login.conf"
39#define _FILE_LOGIN_CONF ".login_conf"
40#define _PATH_AUTHPROG "/usr/libexec/login_"
41
42#define LOGIN_SETGROUP 0x0001 /* set group */
43#define LOGIN_SETLOGIN 0x0002 /* set login (via setlogin) */
44#define LOGIN_SETPATH 0x0004 /* set path */
45#define LOGIN_SETPRIORITY 0x0008 /* set priority */
46#define LOGIN_SETRESOURCES 0x0010 /* set resources (cputime, etc.) */
47#define LOGIN_SETUMASK 0x0020 /* set umask, obviously */
48#define LOGIN_SETUSER 0x0040 /* set user (via setuid) */
49#define LOGIN_SETENV 0x0080 /* set user environment */
50#define LOGIN_SETMAC 0x0100 /* set user default MAC label */
51#define LOGIN_SETCPUMASK 0x0200 /* set user cpumask */
52#define LOGIN_SETALL 0x03ff /* set everything */
53
54#define BI_AUTH "authorize" /* accepted authentication */
55#define BI_REJECT "reject" /* rejected authentication */
56#define BI_CHALLENG "reject challenge" /* reject with a challenge */
57#define BI_SILENT "reject silent" /* reject silently */
58#define BI_REMOVE "remove" /* remove file on error */
59#define BI_ROOTOKAY "authorize root" /* root authenticated */
60#define BI_SECURE "authorize secure" /* okay on non-secure line */
61#define BI_SETENV "setenv" /* set environment variable */
62#define BI_VALUE "value" /* set local variable */
63
64#define AUTH_OKAY 0x01 /* user authenticated */
65#define AUTH_ROOTOKAY 0x02 /* root login okay */
66#define AUTH_SECURE 0x04 /* secure login */
67#define AUTH_SILENT 0x08 /* silent rejection */
68#define AUTH_CHALLENGE 0x10 /* a chellenge was given */
69
70#define AUTH_ALLOW (AUTH_OKAY | AUTH_ROOTOKAY | AUTH_SECURE)
71
72typedef struct login_cap {
73 char *lc_class;
74 char *lc_cap;
75 char *lc_style;
76} login_cap_t;
77
78typedef struct login_time {
79 u_short lt_start; /* Start time */
80 u_short lt_end; /* End time */
81#define LTM_NONE 0x00
82#define LTM_SUN 0x01
83#define LTM_MON 0x02
84#define LTM_TUE 0x04
85#define LTM_WED 0x08
86#define LTM_THU 0x10
87#define LTM_FRI 0x20
88#define LTM_SAT 0x40
89#define LTM_ANY 0x7F
90#define LTM_WK 0x3E
91#define LTM_WD 0x41
92 u_char lt_dow; /* Days of week */
93} login_time_t;
94
95#define LC_MAXTIMES 64
96
97#include <sys/cdefs.h>
98__BEGIN_DECLS
99struct passwd;
100
101void login_close(login_cap_t *);
102login_cap_t *login_getclassbyname(const char *, const struct passwd *);
103login_cap_t *login_getclass(const char *);
104login_cap_t *login_getpwclass(const struct passwd *);
105login_cap_t *login_getuserclass(const struct passwd *);
106
107const char *login_getcapstr(login_cap_t *, const char *, const char *,
108 const char *);
109const char **login_getcaplist(login_cap_t *, const char *, const char *);
110const char *login_getstyle(login_cap_t *, const char *, const char *);
111rlim_t login_getcaptime(login_cap_t *, const char *, rlim_t, rlim_t);
112rlim_t login_getcapnum(login_cap_t *, const char *, rlim_t, rlim_t);
113rlim_t login_getcapsize(login_cap_t *, const char *, rlim_t, rlim_t);
114const char *login_getpath(login_cap_t *, const char *, const char *);
115int login_getcapbool(login_cap_t *, const char *, int);
116const char *login_setcryptfmt(login_cap_t *, const char *, const char *);
117
118int setclasscontext(const char *, unsigned int);
119void setclasscpumask(login_cap_t *);
120int setusercontext(login_cap_t *, const struct passwd *, uid_t, unsigned int);
121void setclassresources(login_cap_t *);
122void setclassenvironment(login_cap_t *, const struct passwd *, int);
123
124/* Most of these functions are deprecated */
125int auth_approve(login_cap_t *, const char *, const char *);
126int auth_check(const char *, const char *, const char *, const char *, int *);
127void auth_env(void);
128char *auth_mkvalue(const char *);
129int auth_response(const char *, const char *, const char *, const char *, int *,
130 const char *, const char *);
131void auth_rmfiles(void);
132int auth_scan(int);
133int auth_script(const char *, ...);
134int auth_script_data(const char *, int, const char *, ...);
135char *auth_valud(const char *);
136int auth_setopt(const char *, const char *);
137void auth_clropts(void);
138
139void auth_checknologin(login_cap_t *);
140int auth_cat(const char *);
141
142int auth_ttyok(login_cap_t *, const char *);
143int auth_hostok(login_cap_t *, const char *, char const *);
144int auth_timeok(login_cap_t *, time_t);
145
146struct tm;
147
148login_time_t parse_lt(const char *);
| 26 */
27
28#ifndef _LOGIN_CAP_H_
29#define _LOGIN_CAP_H_
30
31#define LOGIN_DEFCLASS "default"
32#define LOGIN_DEFROOTCLASS "root"
33#define LOGIN_MECLASS "me"
34#define LOGIN_DEFSTYLE "passwd"
35#define LOGIN_DEFSERVICE "login"
36#define LOGIN_DEFUMASK 022
37#define LOGIN_DEFPRI 0
38#define _PATH_LOGIN_CONF "/etc/login.conf"
39#define _FILE_LOGIN_CONF ".login_conf"
40#define _PATH_AUTHPROG "/usr/libexec/login_"
41
42#define LOGIN_SETGROUP 0x0001 /* set group */
43#define LOGIN_SETLOGIN 0x0002 /* set login (via setlogin) */
44#define LOGIN_SETPATH 0x0004 /* set path */
45#define LOGIN_SETPRIORITY 0x0008 /* set priority */
46#define LOGIN_SETRESOURCES 0x0010 /* set resources (cputime, etc.) */
47#define LOGIN_SETUMASK 0x0020 /* set umask, obviously */
48#define LOGIN_SETUSER 0x0040 /* set user (via setuid) */
49#define LOGIN_SETENV 0x0080 /* set user environment */
50#define LOGIN_SETMAC 0x0100 /* set user default MAC label */
51#define LOGIN_SETCPUMASK 0x0200 /* set user cpumask */
52#define LOGIN_SETALL 0x03ff /* set everything */
53
54#define BI_AUTH "authorize" /* accepted authentication */
55#define BI_REJECT "reject" /* rejected authentication */
56#define BI_CHALLENG "reject challenge" /* reject with a challenge */
57#define BI_SILENT "reject silent" /* reject silently */
58#define BI_REMOVE "remove" /* remove file on error */
59#define BI_ROOTOKAY "authorize root" /* root authenticated */
60#define BI_SECURE "authorize secure" /* okay on non-secure line */
61#define BI_SETENV "setenv" /* set environment variable */
62#define BI_VALUE "value" /* set local variable */
63
64#define AUTH_OKAY 0x01 /* user authenticated */
65#define AUTH_ROOTOKAY 0x02 /* root login okay */
66#define AUTH_SECURE 0x04 /* secure login */
67#define AUTH_SILENT 0x08 /* silent rejection */
68#define AUTH_CHALLENGE 0x10 /* a chellenge was given */
69
70#define AUTH_ALLOW (AUTH_OKAY | AUTH_ROOTOKAY | AUTH_SECURE)
71
72typedef struct login_cap {
73 char *lc_class;
74 char *lc_cap;
75 char *lc_style;
76} login_cap_t;
77
78typedef struct login_time {
79 u_short lt_start; /* Start time */
80 u_short lt_end; /* End time */
81#define LTM_NONE 0x00
82#define LTM_SUN 0x01
83#define LTM_MON 0x02
84#define LTM_TUE 0x04
85#define LTM_WED 0x08
86#define LTM_THU 0x10
87#define LTM_FRI 0x20
88#define LTM_SAT 0x40
89#define LTM_ANY 0x7F
90#define LTM_WK 0x3E
91#define LTM_WD 0x41
92 u_char lt_dow; /* Days of week */
93} login_time_t;
94
95#define LC_MAXTIMES 64
96
97#include <sys/cdefs.h>
98__BEGIN_DECLS
99struct passwd;
100
101void login_close(login_cap_t *);
102login_cap_t *login_getclassbyname(const char *, const struct passwd *);
103login_cap_t *login_getclass(const char *);
104login_cap_t *login_getpwclass(const struct passwd *);
105login_cap_t *login_getuserclass(const struct passwd *);
106
107const char *login_getcapstr(login_cap_t *, const char *, const char *,
108 const char *);
109const char **login_getcaplist(login_cap_t *, const char *, const char *);
110const char *login_getstyle(login_cap_t *, const char *, const char *);
111rlim_t login_getcaptime(login_cap_t *, const char *, rlim_t, rlim_t);
112rlim_t login_getcapnum(login_cap_t *, const char *, rlim_t, rlim_t);
113rlim_t login_getcapsize(login_cap_t *, const char *, rlim_t, rlim_t);
114const char *login_getpath(login_cap_t *, const char *, const char *);
115int login_getcapbool(login_cap_t *, const char *, int);
116const char *login_setcryptfmt(login_cap_t *, const char *, const char *);
117
118int setclasscontext(const char *, unsigned int);
119void setclasscpumask(login_cap_t *);
120int setusercontext(login_cap_t *, const struct passwd *, uid_t, unsigned int);
121void setclassresources(login_cap_t *);
122void setclassenvironment(login_cap_t *, const struct passwd *, int);
123
124/* Most of these functions are deprecated */
125int auth_approve(login_cap_t *, const char *, const char *);
126int auth_check(const char *, const char *, const char *, const char *, int *);
127void auth_env(void);
128char *auth_mkvalue(const char *);
129int auth_response(const char *, const char *, const char *, const char *, int *,
130 const char *, const char *);
131void auth_rmfiles(void);
132int auth_scan(int);
133int auth_script(const char *, ...);
134int auth_script_data(const char *, int, const char *, ...);
135char *auth_valud(const char *);
136int auth_setopt(const char *, const char *);
137void auth_clropts(void);
138
139void auth_checknologin(login_cap_t *);
140int auth_cat(const char *);
141
142int auth_ttyok(login_cap_t *, const char *);
143int auth_hostok(login_cap_t *, const char *, char const *);
144int auth_timeok(login_cap_t *, time_t);
145
146struct tm;
147
148login_time_t parse_lt(const char *);
|
151
152/* helper functions */
153
154int login_strinlist(const char **, char const *, int);
155int login_str2inlist(const char **, const char *, const char *, int);
156login_time_t * login_timelist(login_cap_t *, char const *, int *,
157 login_time_t **);
158int login_ttyok(login_cap_t *, const char *, const char *, const char *);
159int login_hostok(login_cap_t *, const char *, const char *, const char *,
160 const char *);
161
162__END_DECLS
163
164#endif /* _LOGIN_CAP_H_ */
| 153
154/* helper functions */
155
156int login_strinlist(const char **, char const *, int);
157int login_str2inlist(const char **, const char *, const char *, int);
158login_time_t * login_timelist(login_cap_t *, char const *, int *,
159 login_time_t **);
160int login_ttyok(login_cap_t *, const char *, const char *, const char *);
161int login_hostok(login_cap_t *, const char *, const char *, const char *,
162 const char *);
163
164__END_DECLS
165
166#endif /* _LOGIN_CAP_H_ */
|