login_cap.h revision 101959
154359Sroberto/*- 2182007Sroberto * Copyright (c) 1996 by 354359Sroberto * Sean Eric Fagan <sef@kithrup.com> 4182007Sroberto * David Nugent <davidn@blaze.net.au> 5182007Sroberto * All rights reserved. 654359Sroberto * 754359Sroberto * Redistribution and use in source and binary forms, with or without 8182007Sroberto * modification, is permitted provided that the following conditions 9182007Sroberto * are met: 10182007Sroberto * 1. Redistributions of source code must retain the above copyright 11182007Sroberto * notice immediately at the beginning of the file, without modification, 12182007Sroberto * this list of conditions, and the following disclaimer. 13182007Sroberto * 2. Redistributions in binary form must reproduce the above copyright 14182007Sroberto * notice, this list of conditions and the following disclaimer in the 15182007Sroberto * documentation and/or other materials provided with the distribution. 16182007Sroberto * 3. This work was done expressly for inclusion into FreeBSD. Other use 17182007Sroberto * is permitted provided this notation is included. 18182007Sroberto * 4. Absolutely no warranty of function or purpose is made by the authors. 19182007Sroberto * 5. Modifications may be freely made to this file providing the above 20182007Sroberto * conditions are met. 21182007Sroberto * 22182007Sroberto * Low-level routines relating to the user capabilities database 23182007Sroberto * 24182007Sroberto * Was login_cap.h,v 1.9 1997/05/07 20:00:01 eivind Exp 25182007Sroberto * $FreeBSD: head/lib/libutil/login_cap.h 101959 2002-08-16 02:14:21Z rwatson $ 26182007Sroberto */ 27182007Sroberto 28182007Sroberto#ifndef _LOGIN_CAP_H_ 29182007Sroberto#define _LOGIN_CAP_H_ 30182007Sroberto 31182007Sroberto#define LOGIN_DEFCLASS "default" 32182007Sroberto#define LOGIN_DEFROOTCLASS "root" 33182007Sroberto#define LOGIN_MECLASS "me" 3454359Sroberto#define LOGIN_DEFSTYLE "passwd" 3554359Sroberto#define LOGIN_DEFSERVICE "login" 3654359Sroberto#define LOGIN_DEFUMASK 022 3754359Sroberto#define LOGIN_DEFPRI 0 3854359Sroberto#define _PATH_LOGIN_CONF "/etc/login.conf" 3954359Sroberto#define _FILE_LOGIN_CONF ".login_conf" 4054359Sroberto#define _PATH_AUTHPROG "/usr/libexec/login_" 4154359Sroberto 4254359Sroberto#define LOGIN_SETGROUP 0x0001 /* set group */ 4354359Sroberto#define LOGIN_SETLOGIN 0x0002 /* set login (via setlogin) */ 4454359Sroberto#define LOGIN_SETPATH 0x0004 /* set path */ 4554359Sroberto#define LOGIN_SETPRIORITY 0x0008 /* set priority */ 4654359Sroberto#define LOGIN_SETRESOURCES 0x0010 /* set resources (cputime, etc.) */ 4754359Sroberto#define LOGIN_SETUMASK 0x0020 /* set umask, obviously */ 4854359Sroberto#define LOGIN_SETUSER 0x0040 /* set user (via setuid) */ 4954359Sroberto#define LOGIN_SETENV 0x0080 /* set user environment */ 5054359Sroberto#define LOGIN_SETMAC 0x0100 /* set user default MAC label */ 5154359Sroberto#define LOGIN_SETALL 0x01ff /* set everything */ 5254359Sroberto 5354359Sroberto#define BI_AUTH "authorize" /* accepted authentication */ 5454359Sroberto#define BI_REJECT "reject" /* rejected authentication */ 55285612Sdelphij#define BI_CHALLENG "reject challenge" /* reject with a challenge */ 56285612Sdelphij#define BI_SILENT "reject silent" /* reject silently */ 5754359Sroberto#define BI_REMOVE "remove" /* remove file on error */ 5854359Sroberto#define BI_ROOTOKAY "authorize root" /* root authenticated */ 5954359Sroberto#define BI_SECURE "authorize secure" /* okay on non-secure line */ 60182007Sroberto#define BI_SETENV "setenv" /* set environment variable */ 61182007Sroberto#define BI_VALUE "value" /* set local variable */ 6254359Sroberto 63182007Sroberto#define AUTH_OKAY 0x01 /* user authenticated */ 64182007Sroberto#define AUTH_ROOTOKAY 0x02 /* root login okay */ 65182007Sroberto#define AUTH_SECURE 0x04 /* secure login */ 66182007Sroberto#define AUTH_SILENT 0x08 /* silent rejection */ 67182007Sroberto#define AUTH_CHALLENGE 0x10 /* a chellenge was given */ 68182007Sroberto 6954359Sroberto#define AUTH_ALLOW (AUTH_OKAY | AUTH_ROOTOKAY | AUTH_SECURE) 7054359Sroberto 7154359Srobertotypedef struct login_cap { 7254359Sroberto char *lc_class; 7354359Sroberto char *lc_cap; 7454359Sroberto char *lc_style; 7554359Sroberto} login_cap_t; 7654359Sroberto 7754359Srobertotypedef struct login_time { 7854359Sroberto u_short lt_start; /* Start time */ 79 u_short lt_end; /* End time */ 80#define LTM_NONE 0x00 81#define LTM_SUN 0x01 82#define LTM_MON 0x02 83#define LTM_TUE 0x04 84#define LTM_WED 0x08 85#define LTM_THU 0x10 86#define LTM_FRI 0x20 87#define LTM_SAT 0x40 88#define LTM_ANY 0x7F 89#define LTM_WK 0x3E 90#define LTM_WD 0x41 91 u_char lt_dow; /* Days of week */ 92} login_time_t; 93 94#define LC_MAXTIMES 64 95 96#include <sys/cdefs.h> 97__BEGIN_DECLS 98struct passwd; 99 100void login_close(login_cap_t *); 101login_cap_t *login_getclassbyname(const char *, const struct passwd *); 102login_cap_t *login_getclass(const char *); 103login_cap_t *login_getpwclass(const struct passwd *); 104login_cap_t *login_getuserclass(const struct passwd *); 105 106const char *login_getcapstr(login_cap_t*, const char *, const char *, const char *); 107char **login_getcaplist(login_cap_t *, const char *, const char *); 108const char *login_getstyle(login_cap_t *, const char *, const char *); 109rlim_t login_getcaptime(login_cap_t *, const char *, rlim_t, rlim_t); 110rlim_t login_getcapnum(login_cap_t *, const char *, rlim_t, rlim_t); 111rlim_t login_getcapsize(login_cap_t *, const char *, rlim_t, rlim_t); 112const char *login_getpath(login_cap_t *, const char *, const char *); 113int login_getcapbool(login_cap_t *, const char *, int); 114const char *login_setcryptfmt(login_cap_t *, const char *, const char *); 115 116int setclasscontext(const char*, unsigned int); 117int setusercontext(login_cap_t*, const struct passwd*, uid_t, unsigned int); 118void setclassresources(login_cap_t *); 119void setclassenvironment(login_cap_t *, const struct passwd *, int); 120 121/* Most of these functions are deprecated */ 122int auth_approve(login_cap_t*, const char*, const char*); 123int auth_check(const char *, const char *, const char *, const char *, int *); 124void auth_env(void); 125char *auth_mkvalue(const char *n); 126int auth_response(const char *, const char *, const char *, const char *, int *, const char *, const char *); 127void auth_rmfiles(void); 128int auth_scan(int); 129int auth_script(const char*, ...); 130int auth_script_data(const char *, int, const char *, ...); 131char *auth_valud(const char *); 132int auth_setopt(const char *, const char *); 133void auth_clropts(void); 134 135void auth_checknologin(login_cap_t*); 136int auth_cat(const char*); 137 138int auth_ttyok(login_cap_t*, const char *); 139int auth_hostok(login_cap_t*, const char *, char const *); 140int auth_timeok(login_cap_t*, time_t); 141 142struct tm; 143 144login_time_t parse_lt(const char *); 145int in_ltm(const login_time_t *, struct tm *, time_t *); 146int in_ltms(const login_time_t *, struct tm *, time_t *); 147 148/* helper functions */ 149 150int login_strinlist(char **, char const *, int); 151int login_str2inlist(char **, const char *, const char *, int); 152login_time_t * login_timelist(login_cap_t *, char const *, int *, login_time_t **); 153int login_ttyok(login_cap_t *, const char *, const char *, const char *); 154int login_hostok(login_cap_t *, const char *, const char *, const char *, const char *); 155 156__END_DECLS 157 158#endif /* _LOGIN_CAP_H_ */ 159