179476Smarkm/*-
279476Smarkm * Copyright (c) 2001 Mark R V Murray
379476Smarkm * All rights reserved.
492297Sdes * Copyright (c) 2001 Networks Associates Technology, Inc.
587398Sdes * All rights reserved.
679476Smarkm *
787398Sdes * Portions of this software were developed for the FreeBSD Project by
887398Sdes * ThinkSec AS and NAI Labs, the Security Research Division of Network
987398Sdes * Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
1087398Sdes * ("CBOSS"), as part of the DARPA CHATS research program.
1187398Sdes *
1279476Smarkm * Redistribution and use in source and binary forms, with or without
1379476Smarkm * modification, are permitted provided that the following conditions
1479476Smarkm * are met:
1579476Smarkm * 1. Redistributions of source code must retain the above copyright
1679476Smarkm *    notice, this list of conditions and the following disclaimer.
1779476Smarkm * 2. Redistributions in binary form must reproduce the above copyright
1879476Smarkm *    notice, this list of conditions and the following disclaimer in the
1979476Smarkm *    documentation and/or other materials provided with the distribution.
2087398Sdes * 3. The name of the author may not be used to endorse or promote
2187398Sdes *    products derived from this software without specific prior written
2287398Sdes *    permission.
2379476Smarkm *
2479476Smarkm * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
2579476Smarkm * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
2679476Smarkm * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
2779476Smarkm * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
2879476Smarkm * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
2979476Smarkm * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
3079476Smarkm * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
3179476Smarkm * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
3279476Smarkm * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
3379476Smarkm * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
3479476Smarkm * SUCH DAMAGE.
3579476Smarkm */
3679476Smarkm
3784218Sdillon#include <sys/cdefs.h>
3884218Sdillon__FBSDID("$FreeBSD$");
3984218Sdillon
4079476Smarkm#define _BSD_SOURCE
4179476Smarkm
4279476Smarkm#include <unistd.h>
4379476Smarkm#include <syslog.h>
4479476Smarkm
4579476Smarkm#define PAM_SM_AUTH
4679476Smarkm
4790229Sdes#include <security/pam_appl.h>
4879476Smarkm#include <security/pam_modules.h>
4990229Sdes#include <security/pam_mod_misc.h>
5079476Smarkm
5179476SmarkmPAM_EXTERN int
5294564Sdespam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
5394564Sdes    int argc __unused, const char *argv[] __unused)
5479476Smarkm{
5579476Smarkm
5681474Smarkm	if (getuid() == 0)
5794564Sdes		return (PAM_SUCCESS);
5879476Smarkm
5981474Smarkm	PAM_VERBOSE_ERROR("Refused; not superuser");
6081474Smarkm	PAM_LOG("User is not superuser");
6179476Smarkm
6294564Sdes	return (PAM_AUTH_ERR);
6379476Smarkm}
6479476Smarkm
6579476SmarkmPAM_EXTERN int
6694564Sdespam_sm_setcred(pam_handle_t *pamh __unused, int flags __unused,
6794564Sdes    int argc __unused, const char *argv[] __unused)
6879476Smarkm{
6981474Smarkm
7094564Sdes	return (PAM_SUCCESS);
7179476Smarkm}
7279476Smarkm
7379476SmarkmPAM_MODULE_ENTRY("pam_rootok");
74