PAM_ACCT_MGMT(3) Library Functions Manual PAM_ACCT_MGMT(3)

NAME

pam_acct_mgmtperform PAM account validation procedures

SYNOPSIS

#include <sys/types.h>
#include <security/pam_appl.h>
int
pam_acct_mgmt(pam_handle_t *pamh, int flags);

DESCRIPTION

The pam_acct_mgmt() function verifies and enforces account restrictions after the user has been authenticated.
The flags argument is the binary or of zero or more of the following values:
 
 
PAM_SILENT
Do not emit any messages.
 
 
PAM_DISALLOW_NULL_AUTHTOK
Fail if the user's authentication token is null.
If any other bits are set, pam_acct_mgmt() will return PAM_SYMBOL_ERR.

RETURN VALUES

The pam_acct_mgmt() function returns one of the following values:
 
 
[PAM_SUCCESS]
Success.
 
 
[PAM_ABORT]
General failure.
 
 
[PAM_ACCT_EXPIRED]
User account has expired.
 
 
[PAM_AUTH_ERR]
Authentication error.
 
 
[PAM_BUF_ERR]
Memory buffer error.
 
 
[PAM_CONV_ERR]
Conversation failure.
 
 
[PAM_NEW_AUTHTOK_REQD]
New authentication token required.
 
 
[PAM_PERM_DENIED]
Permission denied.
 
 
[PAM_SERVICE_ERR]
Error in service module.
 
 
[PAM_SYSTEM_ERR]
System error.
 
 
[PAM_USER_UNKNOWN]
Unknown user.

SEE ALSO

pam(3), pam_strerror(3)

STANDARDS

X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules, June 1997.

AUTHORS

The pam_acct_mgmt() function and this manual page were developed for the FreeBSD Project by ThinkSec AS and Network Associates Laboratories, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS research program.
The OpenPAM library is maintained by Dag-Erling Smørgrav <des@des.no>.
April 30, 2017 NetBSD 8.2