login_cap.h revision 180815
142580Speter/*- 2111826Sgshapiro * Copyright (c) 1996 by 364565Sgshapiro * Sean Eric Fagan <sef@kithrup.com> 438032Speter * David Nugent <davidn@blaze.net.au> 538032Speter * All rights reserved. 638032Speter * 738032Speter * Redistribution and use in source and binary forms, with or without 838032Speter * modification, is permitted provided that the following conditions 938032Speter * are met: 1038032Speter * 1. Redistributions of source code must retain the above copyright 11102533Sgshapiro * notice immediately at the beginning of the file, without modification, 12102533Sgshapiro * this list of conditions, and the following disclaimer. 1338032Speter * 2. Redistributions in binary form must reproduce the above copyright 1438032Speter * notice, this list of conditions and the following disclaimer in the 1590795Sgshapiro * documentation and/or other materials provided with the distribution. 1690795Sgshapiro * 3. This work was done expressly for inclusion into FreeBSD. Other use 1790795Sgshapiro * is permitted provided this notation is included. 1873191Sgshapiro * 4. Absolutely no warranty of function or purpose is made by the authors. 1964565Sgshapiro * 5. Modifications may be freely made to this file providing the above 2064565Sgshapiro * conditions are met. 2190795Sgshapiro * 2238032Speter * Low-level routines relating to the user capabilities database 23112813Sgshapiro * 2438032Speter * Was login_cap.h,v 1.9 1997/05/07 20:00:01 eivind Exp 2590795Sgshapiro * $FreeBSD: head/lib/libutil/login_cap.h 180815 2008-07-25 19:58:14Z brooks $ 2690795Sgshapiro */ 2790795Sgshapiro 2890795Sgshapiro#ifndef _LOGIN_CAP_H_ 2990795Sgshapiro#define _LOGIN_CAP_H_ 3090795Sgshapiro 3190795Sgshapiro#define LOGIN_DEFCLASS "default" 3290795Sgshapiro#define LOGIN_DEFROOTCLASS "root" 3390795Sgshapiro#define LOGIN_MECLASS "me" 3490795Sgshapiro#define LOGIN_DEFSTYLE "passwd" 3590795Sgshapiro#define LOGIN_DEFSERVICE "login" 3638032Speter#define LOGIN_DEFUMASK 022 3764565Sgshapiro#define LOGIN_DEFPRI 0 3864565Sgshapiro#define _PATH_LOGIN_CONF "/etc/login.conf" 3990795Sgshapiro#define _FILE_LOGIN_CONF ".login_conf" 4090795Sgshapiro#define _PATH_AUTHPROG "/usr/libexec/login_" 4164565Sgshapiro 4264565Sgshapiro#define LOGIN_SETGROUP 0x0001 /* set group */ 4364565Sgshapiro#define LOGIN_SETLOGIN 0x0002 /* set login (via setlogin) */ 4438032Speter#define LOGIN_SETPATH 0x0004 /* set path */ 4564565Sgshapiro#define LOGIN_SETPRIORITY 0x0008 /* set priority */ 4690795Sgshapiro#define LOGIN_SETRESOURCES 0x0010 /* set resources (cputime, etc.) */ 4790795Sgshapiro#define LOGIN_SETUMASK 0x0020 /* set umask, obviously */ 4890795Sgshapiro#define LOGIN_SETUSER 0x0040 /* set user (via setuid) */ 4990795Sgshapiro#define LOGIN_SETENV 0x0080 /* set user environment */ 5090795Sgshapiro#define LOGIN_SETMAC 0x0100 /* set user default MAC label */ 5190795Sgshapiro#define LOGIN_SETCPUMASK 0x0200 /* set user cpumask */ 5290795Sgshapiro#define LOGIN_SETALL 0x03ff /* set everything */ 5366497Sgshapiro 5466497Sgshapiro#define BI_AUTH "authorize" /* accepted authentication */ 5566497Sgshapiro#define BI_REJECT "reject" /* rejected authentication */ 5666497Sgshapiro#define BI_CHALLENG "reject challenge" /* reject with a challenge */ 5766497Sgshapiro#define BI_SILENT "reject silent" /* reject silently */ 5890795Sgshapiro#define BI_REMOVE "remove" /* remove file on error */ 5964565Sgshapiro#define BI_ROOTOKAY "authorize root" /* root authenticated */ 6090795Sgshapiro#define BI_SECURE "authorize secure" /* okay on non-secure line */ 6190795Sgshapiro#define BI_SETENV "setenv" /* set environment variable */ 6290795Sgshapiro#define BI_VALUE "value" /* set local variable */ 6366497Sgshapiro 6490795Sgshapiro#define AUTH_OKAY 0x01 /* user authenticated */ 6590795Sgshapiro#define AUTH_ROOTOKAY 0x02 /* root login okay */ 6664565Sgshapiro#define AUTH_SECURE 0x04 /* secure login */ 6764565Sgshapiro#define AUTH_SILENT 0x08 /* silent rejection */ 6890795Sgshapiro#define AUTH_CHALLENGE 0x10 /* a chellenge was given */ 6990795Sgshapiro 7064565Sgshapiro#define AUTH_ALLOW (AUTH_OKAY | AUTH_ROOTOKAY | AUTH_SECURE) 7164565Sgshapiro 7290795Sgshapirotypedef struct login_cap { 7390795Sgshapiro char *lc_class; 7490795Sgshapiro char *lc_cap; 7590795Sgshapiro char *lc_style; 7690795Sgshapiro} login_cap_t; 7790795Sgshapiro 7890795Sgshapirotypedef struct login_time { 7964565Sgshapiro u_short lt_start; /* Start time */ 8090795Sgshapiro u_short lt_end; /* End time */ 8138032Speter#define LTM_NONE 0x00 8238032Speter#define LTM_SUN 0x01 8390795Sgshapiro#define LTM_MON 0x02 8490795Sgshapiro#define LTM_TUE 0x04 8538032Speter#define LTM_WED 0x08 8690795Sgshapiro#define LTM_THU 0x10 8790795Sgshapiro#define LTM_FRI 0x20 8890795Sgshapiro#define LTM_SAT 0x40 8990795Sgshapiro#define LTM_ANY 0x7F 9090795Sgshapiro#define LTM_WK 0x3E 9190795Sgshapiro#define LTM_WD 0x41 9290795Sgshapiro u_char lt_dow; /* Days of week */ 9338032Speter} login_time_t; 9490795Sgshapiro 9590795Sgshapiro#define LC_MAXTIMES 64 9690795Sgshapiro 9738032Speter#include <sys/cdefs.h> 9838032Speter__BEGIN_DECLS 9964565Sgshapirostruct passwd; 10064565Sgshapiro 10190795Sgshapirovoid login_close(login_cap_t *); 10264565Sgshapirologin_cap_t *login_getclassbyname(const char *, const struct passwd *); 10373191Sgshapirologin_cap_t *login_getclass(const char *); 10490795Sgshapirologin_cap_t *login_getpwclass(const struct passwd *); 10590795Sgshapirologin_cap_t *login_getuserclass(const struct passwd *); 10690795Sgshapiro 10738032Speterconst char *login_getcapstr(login_cap_t*, const char *, const char *, const char *); 10890795Sgshapiroconst char **login_getcaplist(login_cap_t *, const char *, const char *); 10990795Sgshapiroconst char *login_getstyle(login_cap_t *, const char *, const char *); 11090795Sgshapirorlim_t login_getcaptime(login_cap_t *, const char *, rlim_t, rlim_t); 11173191Sgshapirorlim_t login_getcapnum(login_cap_t *, const char *, rlim_t, rlim_t); 11264565Sgshapirorlim_t login_getcapsize(login_cap_t *, const char *, rlim_t, rlim_t); 11364565Sgshapiroconst char *login_getpath(login_cap_t *, const char *, const char *); 11464565Sgshapiroint login_getcapbool(login_cap_t *, const char *, int); 11564565Sgshapiroconst char *login_setcryptfmt(login_cap_t *, const char *, const char *); 11690795Sgshapiro 11790795Sgshapiroint setclasscontext(const char*, unsigned int); 11890795Sgshapiroint setusercontext(login_cap_t*, const struct passwd*, uid_t, unsigned int); 11990795Sgshapirovoid setclassresources(login_cap_t *); 12042580Spetervoid setclassenvironment(login_cap_t *, const struct passwd *, int); 12142580Speter 12264565Sgshapiro/* Most of these functions are deprecated */ 12342580Speterint auth_approve(login_cap_t*, const char*, const char*); 12464565Sgshapiroint auth_check(const char *, const char *, const char *, const char *, int *); 12564565Sgshapirovoid auth_env(void); 12664565Sgshapirochar *auth_mkvalue(const char *n); 12764565Sgshapiroint auth_response(const char *, const char *, const char *, const char *, int *, const char *, const char *); 12864565Sgshapirovoid auth_rmfiles(void); 12938032Speterint auth_scan(int); 13090795Sgshapiroint auth_script(const char*, ...); 13173191Sgshapiroint auth_script_data(const char *, int, const char *, ...); 13264565Sgshapirochar *auth_valud(const char *); 13390795Sgshapiroint auth_setopt(const char *, const char *); 13490795Sgshapirovoid auth_clropts(void); 13590795Sgshapiro 13690795Sgshapirovoid auth_checknologin(login_cap_t*); 13790795Sgshapiroint auth_cat(const char*); 13890795Sgshapiro 13938032Speterint auth_ttyok(login_cap_t*, const char *); 14073191Sgshapiroint auth_hostok(login_cap_t*, const char *, char const *); 14164565Sgshapiroint auth_timeok(login_cap_t*, time_t); 14264565Sgshapiro 14390795Sgshapirostruct tm; 14464565Sgshapiro 14564565Sgshapirologin_time_t parse_lt(const char *); 14664565Sgshapiroint in_ltm(const login_time_t *, struct tm *, time_t *); 14764565Sgshapiroint in_ltms(const login_time_t *, struct tm *, time_t *); 14873191Sgshapiro 14964565Sgshapiro/* helper functions */ 15064565Sgshapiro 15138032Speterint login_strinlist(const char **, char const *, int); 15238032Speterint login_str2inlist(const char **, const char *, const char *, int); 15338032Speterlogin_time_t * login_timelist(login_cap_t *, char const *, int *, login_time_t **); 15438032Speterint login_ttyok(login_cap_t *, const char *, const char *, const char *); 15538032Speterint login_hostok(login_cap_t *, const char *, const char *, const char *, const char *); 15638032Speter 15764565Sgshapiro__END_DECLS 15838032Speter 15938032Speter#endif /* _LOGIN_CAP_H_ */ 16090795Sgshapiro