usr/src/lib/pam_modules/deny/deny.c

   1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License, Version 1.0 only
   6  * (the "License").  You may not use this file except in compliance
   7  * with the License.
   8  *
   9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  10  * or http://www.opensolaris.org/os/licensing.
  11  * See the License for the specific language governing permissions
  12  * and limitations under the License.
  13  *
  14  * When distributing Covered Code, include this CDDL HEADER in each
  15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  16  * If applicable, add the following below this CDDL HEADER, with the
  17  * fields enclosed by brackets "[]" replaced with your own identifying
  18  * information: Portions Copyright [yyyy] [name of copyright owner]
  19  *
  20  * CDDL HEADER END
  21  */
  22 /*
  23  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
  24  * Use is subject to license terms.
  25  */
  26
  27 #pragma ident   "%Z%%M% %I%     %E% SMI"
  28
  29 #include <strings.h>
  30 #include <syslog.h>
  31
  32 #include <security/pam_appl.h>
  33 #include <security/pam_modules.h>
  34
  35 /*
  36  * pam_deny - PAM service module that returns the default error code for
  37  *            all service module types.
  38  *
  39  *      Entry   argv = debug, syslog call LOG_AUTH | LOG_DEBUG.
  40  *
  41  *      Exit    PAM_* appropriate for service module type.
  42  *
  43  *      Uses    PAM_USER, PAM_SERVICE
  44  */
  45
  46 static void
  47 debug(pam_handle_t *pamh, int flags, int argc, const char **argv, char *mod)
  48 {
  49         char *user;
  50         char *service;
  51
  52         if (argc < 1 || strcmp(argv[0], "debug") != 0)
  53                 return;
  54
  55         (void) pam_get_item(pamh, PAM_SERVICE, (void **)&service);
  56         (void) pam_get_item(pamh, PAM_USER, (void **)&user);
  57
  58         syslog(LOG_AUTH | LOG_DEBUG, "%s pam_deny:%s(%x) for %s",
  59             service ? service : "No Service Specified", mod, flags,
  60             user ? user : "No User Specified");
  61 }
  62
  63 int
  64 pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
  65 {
  66         debug(pamh, flags, argc, argv, "pam_sm_authenticate");
  67         return (PAM_AUTH_ERR);
  68 }
  69
  70 int
  71 pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
  72 {
  73         debug(pamh, flags, argc, argv, "pam_sm_setcred");
  74         return (PAM_CRED_ERR);
  75 }
  76
  77 int
  78 pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
  79 {
  80         debug(pamh, flags, argc, argv, "pam_sm_acct_mgmt");
  81         return (PAM_ACCT_EXPIRED);
  82 }
  83
  84 int
  85 pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
  86 {
  87         debug(pamh, flags, argc, argv, "pam_sm_open_session");
  88         return (PAM_SESSION_ERR);
  89 }
  90
  91 int
  92 pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
  93 {
  94         debug(pamh, flags, argc, argv, "pam_sm_close_session");
  95         return (PAM_SESSION_ERR);
  96 }
  97
  98 int
  99 pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv)
 100 {
 101         debug(pamh, flags, argc, argv, "pam_sm_chauthtok");
 102         return (PAM_AUTHTOK_ERR);
 103 }