diff options
author | des <des@FreeBSD.org> | 2014-07-19 21:04:21 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2014-07-19 21:04:21 +0000 |
commit | ded724b36022ac49f26d8660a730bf9fde569ab6 (patch) | |
tree | 276b1de4a1ad2298cc71fb74d4279794c7731428 /lib/libpam | |
parent | 1f15eea2e088718478067efc8df6ecd1fc86dcee (diff) | |
download | FreeBSD-src-ded724b36022ac49f26d8660a730bf9fde569ab6.zip FreeBSD-src-ded724b36022ac49f26d8660a730bf9fde569ab6.tar.gz |
Add support for the "account" facility.
PR: 115164
MFC after: 1 week
Diffstat (limited to 'lib/libpam')
-rw-r--r-- | lib/libpam/modules/pam_group/pam_group.8 | 7 | ||||
-rw-r--r-- | lib/libpam/modules/pam_group/pam_group.c | 23 |
2 files changed, 25 insertions, 5 deletions
diff --git a/lib/libpam/modules/pam_group/pam_group.8 b/lib/libpam/modules/pam_group/pam_group.8 index 985094b..4f368e5 100644 --- a/lib/libpam/modules/pam_group/pam_group.8 +++ b/lib/libpam/modules/pam_group/pam_group.8 @@ -33,7 +33,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 9, 2011 +.Dd July 19, 2014 .Dt PAM_GROUP 8 .Os .Sh NAME @@ -48,6 +48,11 @@ .Sh DESCRIPTION The group service module for PAM accepts or rejects users based on their membership in a particular file group. +.Nm pam_group +provides functionality for two PAM categories: authentication and +account management. +In terms of the module-type parameter, they are the ``auth'' and +``account'' features. .Pp The following options may be passed to the .Nm diff --git a/lib/libpam/modules/pam_group/pam_group.c b/lib/libpam/modules/pam_group/pam_group.c index 5b918c0..6cf2774 100644 --- a/lib/libpam/modules/pam_group/pam_group.c +++ b/lib/libpam/modules/pam_group/pam_group.c @@ -47,15 +47,14 @@ __FBSDID("$FreeBSD$"); #include <unistd.h> #define PAM_SM_AUTH +#define PAM_SM_ACCOUNT #include <security/pam_appl.h> #include <security/pam_modules.h> #include <security/openpam.h> - -PAM_EXTERN int -pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, - int argc __unused, const char *argv[] __unused) +static int +pam_group(pam_handle_t *pamh) { int local, remote; const char *group, *user; @@ -121,6 +120,14 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, } PAM_EXTERN int +pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, + int argc __unused, const char *argv[] __unused) +{ + + return (pam_group(pamh)); +} + +PAM_EXTERN int pam_sm_setcred(pam_handle_t * pamh __unused, int flags __unused, int argc __unused, const char *argv[] __unused) { @@ -128,4 +135,12 @@ pam_sm_setcred(pam_handle_t * pamh __unused, int flags __unused, return (PAM_SUCCESS); } +PAM_EXTERN int +pam_sm_acct_mgmt(pam_handle_t *pamh, int flags __unused, + int argc __unused, const char *argv[] __unused) +{ + + return (pam_group(pamh)); +} + PAM_MODULE_ENTRY("pam_group"); |