lib/libutil/login_cap.h

25658Sdavidn/*-
25658Sdavidn * Copyright (c) 1996 by
25658Sdavidn * Sean Eric Fagan <sef@kithrup.com>
25658Sdavidn * David Nugent <davidn@blaze.net.au>
25658Sdavidn * All rights reserved.
25658Sdavidn *
25658Sdavidn * Redistribution and use in source and binary forms, with or without
25658Sdavidn * modification, is permitted provided that the following conditions
25658Sdavidn * are met:
25658Sdavidn * 1. Redistributions of source code must retain the above copyright
25658Sdavidn *    notice immediately at the beginning of the file, without modification,
25658Sdavidn *    this list of conditions, and the following disclaimer.
25658Sdavidn * 2. Redistributions in binary form must reproduce the above copyright
25658Sdavidn *    notice, this list of conditions and the following disclaimer in the
25658Sdavidn *    documentation and/or other materials provided with the distribution.
25658Sdavidn * 3. This work was done expressly for inclusion into FreeBSD.  Other use
25658Sdavidn *    is permitted provided this notation is included.
25658Sdavidn * 4. Absolutely no warranty of function or purpose is made by the authors.
25658Sdavidn * 5. Modifications may be freely made to this file providing the above
25658Sdavidn *    conditions are met.
25658Sdavidn *
25658Sdavidn * Low-level routines relating to the user capabilities database
25658Sdavidn *
25658Sdavidn *	Was login_cap.h,v 1.9 1997/05/07 20:00:01 eivind Exp
25670Sdavidn *	$Id: login_cap.h,v 1.1 1997/05/10 12:49:30 davidn Exp $
25658Sdavidn */
25658Sdavidn
25658Sdavidn#ifndef _LOGIN_CAP_H_
25658Sdavidn#define _LOGIN_CAP_H_
25658Sdavidn
25658Sdavidn#define LOGIN_DEFCLASS		"default"
25670Sdavidn#define LOGIN_DEFROOTCLASS	"root"
25670Sdavidn#define LOGIN_MECLASS		"me"
25658Sdavidn#define LOGIN_DEFSTYLE		"passwd"
25658Sdavidn#define LOGIN_DEFSERVICE	"login"
25658Sdavidn#define	LOGIN_DEFUMASK		022
25658Sdavidn#define LOGIN_DEFPRI		0
25658Sdavidn#define _PATH_LOGIN_CONF	"/etc/login.conf"
25658Sdavidn#define _FILE_LOGIN_CONF	".login_conf"
25658Sdavidn#define _PATH_AUTHPROG		"/usr/libexec/login_"
25658Sdavidn
25670Sdavidn#define LOGIN_SETGROUP		0x0001		/* set group */
25670Sdavidn#define LOGIN_SETLOGIN		0x0002		/* set login (via setlogin) */
25670Sdavidn#define LOGIN_SETPATH		0x0004		/* set path */
25670Sdavidn#define LOGIN_SETPRIORITY	0x0008		/* set priority */
25670Sdavidn#define LOGIN_SETRESOURCES	0x0010		/* set resources (cputime, etc.) */
25670Sdavidn#define LOGIN_SETUMASK		0x0020		/* set umask, obviously */
25670Sdavidn#define LOGIN_SETUSER		0x0040		/* set user (via setuid) */
25670Sdavidn#define LOGIN_SETENV		0x0080		/* set user environment */
25670Sdavidn#define	LOGIN_SETALL		0x00ff		/* set everything */
25658Sdavidn
25670Sdavidn#define BI_AUTH		"authorize"		/* accepted authentication */
25670Sdavidn#define BI_REJECT	"reject"		/* rejected authentication */
25670Sdavidn#define BI_CHALLENG	"reject challenge"	/* reject with a challenge */
25670Sdavidn#define BI_SILENT	"reject silent"		/* reject silently */
25670Sdavidn#define BI_REMOVE	"remove"		/* remove file on error */
25670Sdavidn#define BI_ROOTOKAY	"authorize root"	/* root authenticated */
25670Sdavidn#define BI_SECURE	"authorize secure"	/* okay on non-secure line */
25670Sdavidn#define BI_SETENV	"setenv"		/* set environment variable */
25670Sdavidn#define BI_VALUE	"value"			/* set local variable */
25658Sdavidn
25670Sdavidn#define AUTH_OKAY		0x01		/* user authenticated */
25670Sdavidn#define AUTH_ROOTOKAY		0x02		/* root login okay */
25670Sdavidn#define AUTH_SECURE		0x04		/* secure login */
25670Sdavidn#define AUTH_SILENT		0x08		/* silent rejection */
25670Sdavidn#define AUTH_CHALLENGE		0x10		/* a chellenge was given */
25658Sdavidn
25670Sdavidn#define	AUTH_ALLOW		(AUTH_OKAY | AUTH_ROOTOKAY | AUTH_SECURE)
25670Sdavidn
25658Sdavidntypedef struct login_cap {
25670Sdavidn    char    *lc_class;
25670Sdavidn    char    *lc_cap;
25670Sdavidn    char    *lc_style;
25658Sdavidn} login_cap_t;
25658Sdavidn
25658Sdavidntypedef struct login_time {
25670Sdavidn    u_short     lt_start;	/* Start time */
25670Sdavidn    u_short     lt_end;		/* End time */
25670Sdavidn#define LTM_NONE  0x00
25670Sdavidn#define LTM_SUN   0x01
25670Sdavidn#define LTM_MON   0x02
25670Sdavidn#define LTM_TUE   0x04
25670Sdavidn#define LTM_WED   0x08
25670Sdavidn#define LTM_THU   0x10
25670Sdavidn#define LTM_FRI   0x20
25670Sdavidn#define LTM_SAT   0x40
25670Sdavidn#define LTM_ANY   0x7F
25670Sdavidn#define LTM_WK    0x3E
25670Sdavidn#define LTM_WD    0x41
25670Sdavidn    u_char	 lt_dow;	/* Days of week */
25658Sdavidn} login_time_t;
25670Sdavidn
25658Sdavidn#define LC_MAXTIMES 64
25658Sdavidn
25658Sdavidn#include <sys/cdefs.h>
25658Sdavidn__BEGIN_DECLS
25658Sdavidnstruct passwd;
25658Sdavidn
25658Sdavidnvoid login_close __P((login_cap_t *));
25670Sdavidnlogin_cap_t *login_getclassbyname __P((const char *, const struct passwd *));
25670Sdavidnlogin_cap_t *login_getclass __P((const char *));
25670Sdavidnlogin_cap_t *login_getpwclass __P((const struct passwd *));
25658Sdavidnlogin_cap_t *login_getuserclass __P((const struct passwd *));
25658Sdavidn
25658Sdavidnchar *login_getcapstr __P((login_cap_t*, const char *, char *, char *));
25658Sdavidnchar **login_getcaplist __P((login_cap_t *, const char *, const char *));
25658Sdavidnchar *login_getstyle __P((login_cap_t *, char *, const char *));
25658Sdavidnrlim_t login_getcaptime __P((login_cap_t *, const char *, rlim_t, rlim_t));
25658Sdavidnrlim_t login_getcapnum __P((login_cap_t *, const char *, rlim_t, rlim_t));
25658Sdavidnrlim_t login_getcapsize __P((login_cap_t *, const char *, rlim_t, rlim_t));
25658Sdavidnchar *login_getpath __P((login_cap_t *, const char *, char *));
25658Sdavidnint login_getcapbool __P((login_cap_t *, const char *, int));
25658Sdavidn
25658Sdavidnint setclasscontext __P((const char*, unsigned int));
25658Sdavidnint setusercontext __P((login_cap_t*, const struct passwd*, uid_t, unsigned int));
25658Sdavidnvoid setclassresources __P((login_cap_t *));
25658Sdavidnvoid setclassenvironment __P((login_cap_t *, const struct passwd *, int));
25658Sdavidn
25670Sdavidn/* Most of these functions are deprecated */
25670Sdavidnint auth_approve __P((login_cap_t*, const char*, const char*));
25670Sdavidnint auth_check __P((const char *, const char *, const char *, const char *, int *));
25670Sdavidnvoid auth_env __P((void));
25670Sdavidnchar *auth_mkvalue __P((const char *n));
25670Sdavidnint auth_response __P((const char *, const char *, const char *, const char *, int *, const char *, const char *));
25670Sdavidnvoid auth_rmfiles __P((void));
25670Sdavidnint auth_scan __P((int));
25658Sdavidnint auth_script __P((const char*, ...));
25670Sdavidnint auth_script_data __P((const char *, int, const char *, ...));
25670Sdavidnchar *auth_valud __P((const char *));
25670Sdavidnint auth_setopt __P((const char *, const char *));
25670Sdavidnvoid auth_clropts __P((void));
25670Sdavidn
25658Sdavidnvoid auth_checknologin __P((login_cap_t*));
25658Sdavidnint auth_cat __P((const char*));
25658Sdavidn
25658Sdavidnint auth_ttyok __P((login_cap_t*, const char *));
25658Sdavidnint auth_hostok __P((login_cap_t*, const char *, char const *));
25658Sdavidnint auth_timeok __P((login_cap_t*, time_t));
25658Sdavidn
25658Sdavidnstruct tm;
25658Sdavidn
25658Sdavidnlogin_time_t parse_lt __P((const char *));
25658Sdavidnint in_ltm __P((const login_time_t *, struct tm *, time_t *));
25658Sdavidnint in_ltms __P((const login_time_t *, struct tm *, time_t *));
25658Sdavidn
25670Sdavidn/* helper functions */
25658Sdavidn
25658Sdavidnint login_strinlist __P((char **, char const *, int));
25658Sdavidnint login_str2inlist __P((char **, const char *, const char *, int));
25658Sdavidnlogin_time_t * login_timelist __P((login_cap_t *, char const *, int *, login_time_t **));
25658Sdavidnint login_ttyok __P((login_cap_t *, const char *, const char *, const char *));
25658Sdavidnint login_hostok __P((login_cap_t *, const char *, const char *, const char *, const char *));
25658Sdavidn
25658Sdavidn__END_DECLS
25658Sdavidn
25658Sdavidn#endif /* _LOGIN_CAP_H_ */