summaryrefslogtreecommitdiff
path: root/doc/man/pam_acct_mgmt.3
diff options
context:
space:
mode:
Diffstat (limited to 'doc/man/pam_acct_mgmt.3')
-rw-r--r--doc/man/pam_acct_mgmt.3100
1 files changed, 100 insertions, 0 deletions
diff --git a/doc/man/pam_acct_mgmt.3 b/doc/man/pam_acct_mgmt.3
new file mode 100644
index 00000000..e233818c
--- /dev/null
+++ b/doc/man/pam_acct_mgmt.3
@@ -0,0 +1,100 @@
+'\" t
+.\" Title: pam_acct_mgmt
+.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
+.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
+.\" Date: 09/19/2013
+.\" Manual: Linux-PAM Manual
+.\" Source: Linux-PAM Manual
+.\" Language: English
+.\"
+.TH "PAM_ACCT_MGMT" "3" "09/19/2013" "Linux-PAM Manual" "Linux-PAM Manual"
+.\" -----------------------------------------------------------------
+.\" * Define some portability stuff
+.\" -----------------------------------------------------------------
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" http://bugs.debian.org/507673
+.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.ie \n(.g .ds Aq \(aq
+.el .ds Aq '
+.\" -----------------------------------------------------------------
+.\" * set default formatting
+.\" -----------------------------------------------------------------
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.\" -----------------------------------------------------------------
+.\" * MAIN CONTENT STARTS HERE *
+.\" -----------------------------------------------------------------
+.SH "NAME"
+pam_acct_mgmt \- PAM account validation management
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_appl\&.h>
+.fi
+.ft
+.HP \w'int\ pam_acct_mgmt('u
+.BI "int pam_acct_mgmt(pam_handle_t\ *" "pamh" ", int\ " "flags" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_acct_mgmt\fR
+function is used to determine if the users account is valid\&. It checks for authentication token and account expiration and verifies access restrictions\&. It is typically called after the user has been authenticated\&.
+.PP
+The
+\fIpamh\fR
+argument is an authentication handle obtained by a prior call to pam_start()\&. The flags argument is the binary or of zero or more of the following values:
+.PP
+PAM_SILENT
+.RS 4
+Do not emit any messages\&.
+.RE
+.PP
+PAM_DISALLOW_NULL_AUTHTOK
+.RS 4
+The PAM module service should return PAM_NEW_AUTHTOK_REQD if the user has a null authentication token\&.
+.RE
+.SH "RETURN VALUES"
+.PP
+PAM_ACCT_EXPIRED
+.RS 4
+User account has expired\&.
+.RE
+.PP
+PAM_AUTH_ERR
+.RS 4
+Authentication failure\&.
+.RE
+.PP
+PAM_NEW_AUTHTOK_REQD
+.RS 4
+The user account is valid but their authentication token is
+\fIexpired\fR\&. The correct response to this return\-value is to require that the user satisfies the
+\fBpam_chauthtok()\fR
+function before obtaining service\&. It may not be possible for some applications to do this\&. In such cases, the user should be denied access until such time as they can update their password\&.
+.RE
+.PP
+PAM_PERM_DENIED
+.RS 4
+Permission denied\&.
+.RE
+.PP
+PAM_SUCCESS
+.RS 4
+The authentication token was successfully updated\&.
+.RE
+.PP
+PAM_USER_UNKNOWN
+.RS 4
+User unknown to password service\&.
+.RE
+.SH "SEE ALSO"
+.PP
+\fBpam_start\fR(3),
+\fBpam_authenticate\fR(3),
+\fBpam_chauthtok\fR(3),
+\fBpam_strerror\fR(3),
+\fBpam\fR(8)