NAME
openpam_get_feature —
query the state
of an optional feature
SYNOPSIS
#include <sys/types.h>
#include <security/pam_appl.h>
#include <security/openpam.h>
int
openpam_get_feature(
int
feature,
int *onoff);
DESCRIPTION
This function is
experimental and may be modified or removed in a future release without prior
warning.
The
openpam_get_feature() function stores the current state of
the specified feature in the variable pointed to by its
onoff argument.
The following features are recognized:
-
-
OPENPAM_RESTRICT_SERVICE_NAME
- Disallow path separators in service names. This feature is
enabled by default. Disabling it allows the application to specify the
path to the desired policy file directly.
-
-
OPENPAM_VERIFY_POLICY_FILE
- Verify the ownership and permissions of the policy file and
the path leading up to it. This feature is enabled by default.
-
-
OPENPAM_RESTRICT_MODULE_NAME
- Disallow path separators in module names. This feature is
disabled by default. Enabling it prevents the use of modules in
non-standard locations.
-
-
OPENPAM_VERIFY_MODULE_FILE
- Verify the ownership and permissions of each loadable
module and the path leading up to it. This feature is enabled by
default.
RETURN VALUES
The
openpam_get_feature() function returns one of the
following values:
-
-
- [
PAM_SUCCESS
]
- Success.
-
-
- [
PAM_BAD_FEATURE
]
- Unrecognized or restricted feature.
SEE ALSO
openpam_set_feature(3),
pam(3),
pam_strerror(3)
STANDARDS
The
openpam_get_feature() function is an OpenPAM extension.
AUTHORS
The
openpam_get_feature() function and this manual page were
developed by
Dag-Erling Smørgrav
<
des@des.no>.