include/login_cap.h

   1 /*      $OpenBSD: login_cap.h,v 1.13 2005/01/28 17:17:22 millert Exp $  */
   2
   3 /*-
   4  * Copyright (c) 1995,1997 Berkeley Software Design, Inc. All rights reserved.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions
   8  * are met:
   9  * 1. Redistributions of source code must retain the above copyright
  10  *    notice, this list of conditions and the following disclaimer.
  11  * 2. Redistributions in binary form must reproduce the above copyright
  12  *    notice, this list of conditions and the following disclaimer in the
  13  *    documentation and/or other materials provided with the distribution.
  14  * 3. All advertising materials mentioning features or use of this software
  15  *    must display the following acknowledgement:
  16  *      This product includes software developed by Berkeley Software Design,
  17  *      Inc.
  18  * 4. The name of Berkeley Software Design, Inc.  may not be used to endorse
  19  *    or promote products derived from this software without specific prior
  20  *    written permission.
  21  *
  22  * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN, INC. ``AS IS'' AND
  23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  25  * ARE DISCLAIMED.  IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN, INC. BE LIABLE
  26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  32  * SUCH DAMAGE.
  33  *
  34  *      BSDI $From: login_cap.h,v 2.11 1999/09/08 18:11:57 prb Exp $
  35  */
  36
  37 #ifndef _LOGIN_CAP_H_
  38 #define _LOGIN_CAP_H_
  39
  40 #define LOGIN_DEFCLASS          "default"
  41 #define LOGIN_DEFSTYLE          "passwd"
  42 #define LOGIN_DEFSERVICE        "login"
  43 #define LOGIN_DEFUMASK          022
  44 #define _PATH_LOGIN_CONF        "/etc/login.conf"
  45 #define _PATH_AUTHPROG          "/usr/libexec/auth/login_"
  46
  47 #define LOGIN_SETGROUP          0x0001  /* Set group */
  48 #define LOGIN_SETLOGIN          0x0002  /* Set login */
  49 #define LOGIN_SETPATH           0x0004  /* Set path */
  50 #define LOGIN_SETPRIORITY       0x0008  /* Set priority */
  51 #define LOGIN_SETRESOURCES      0x0010  /* Set resource limits */
  52 #define LOGIN_SETUMASK          0x0020  /* Set umask */
  53 #define LOGIN_SETUSER           0x0040  /* Set user */
  54 #define LOGIN_SETENV            0x0080  /* Set environment */
  55 #define LOGIN_SETALL            0x00ff  /* Set all. */
  56
  57 #define BI_AUTH         "authorize"             /* Accepted authentication */
  58 #define BI_REJECT       "reject"                /* Rejected authentication */
  59 #define BI_CHALLENGE    "reject challenge"      /* Reject with a challenge */
  60 #define BI_SILENT       "reject silent"         /* Reject silently */
  61 #define BI_REMOVE       "remove"                /* remove file on error */
  62 #define BI_ROOTOKAY     "authorize root"        /* root authenticated */
  63 #define BI_SECURE       "authorize secure"      /* okay on non-secure line */
  64 #define BI_SETENV       "setenv"                /* set environment variable */
  65 #define BI_UNSETENV     "unsetenv"              /* unset environment variable */
  66 #define BI_VALUE        "value"                 /* set local variable */
  67 #define BI_EXPIRED      "reject expired"        /* account expired */
  68 #define BI_PWEXPIRED    "reject pwexpired"      /* password expired */
  69 #define BI_FDPASS       "fd"                    /* child is passing an fd */
  70
  71 /*
  72  * bits which can be returned by authenticate()/auth_scan()
  73  */
  74 #define AUTH_OKAY       0x01                    /* user authenticated */
  75 #define AUTH_ROOTOKAY   0x02                    /* authenticated as root */
  76 #define AUTH_SECURE     0x04                    /* secure login */
  77 #define AUTH_SILENT     0x08                    /* silent rejection */
  78 #define AUTH_CHALLENGE  0x10                    /* a challenge was given */
  79 #define AUTH_EXPIRED    0x20                    /* account expired */
  80 #define AUTH_PWEXPIRED  0x40                    /* password expired */
  81
  82 #define AUTH_ALLOW      (AUTH_OKAY | AUTH_ROOTOKAY | AUTH_SECURE)
  83
  84 typedef struct login_cap {
  85         char    *lc_class;
  86         char    *lc_cap;
  87         char    *lc_style;
  88 } login_cap_t;
  89
  90 #include <sys/cdefs.h>
  91 __BEGIN_DECLS
  92 struct passwd;
  93
  94 login_cap_t *login_getclass(char *);
  95 void     login_close(login_cap_t *);
  96 int      login_getcapbool(login_cap_t *, char *, unsigned int);
  97 quad_t   login_getcapnum(login_cap_t *, char *, quad_t, quad_t);
  98 quad_t   login_getcapsize(login_cap_t *, char *, quad_t, quad_t);
  99 char    *login_getcapstr(login_cap_t *, char *, char *, char *);
 100 quad_t   login_getcaptime(login_cap_t *, char *, quad_t, quad_t);
 101 char    *login_getstyle(login_cap_t *, char *, char *);
 102
 103 int     secure_path(char *);
 104 int     setclasscontext(char *, unsigned int);
 105 int     setusercontext(login_cap_t *, struct passwd *, uid_t, unsigned int);
 106
 107 __END_DECLS
 108
 109 #endif /* _LOGIN_CAP_H_ */