HP-UX Reference (11i v2 03/08) - 3 Library Functions N-Z (vol 7)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

101

102

103

104

105

106

107

108

109

110

pam_acct_mgmt(3) pam_acct_mgmt(3)

NAME

pam_acct_mgmt - perform PAM account validation procedures

SYNOPSIS

cc [ ﬂag ... ] ﬁle ...

-lpam [ library ... ]

#include <security/pam_appl.h>

int pam_acct_mgmt(pam_handle_t *

pamh, int ﬂags);

DESCRIPTION

The function pam_acct_mgmt()

is called to determine if the current user’s account is valid. This

includes checking for password and account expiration, as well as verifying access hour restrictions and

terminal access restrictions for trusted mode. This function is typically called after the user has been

authenticated with pam_authenticate(3).

The pamh argument is an authentication handle obtained by a prior call to

pam_start(). The follow-

ing ﬂags may be set in the ﬂags ﬁeld:

PAM_SILENT

The account management service should not generate any messages

PAM_DISALLOW_NULL_AUTHTOK

The account management service should return PAM_AUTHTOKEN_REQD

if the user has a

null authentication token.

APPLICATION USAGE

Refer to pam(3) for information on thread-safety of PAM interfaces.

RETURN VALUES

Upon successful completion,

PAM_SUCCESS is returned. In addition to the error return values described

in pam(3), the following values may be returned:

PAM_USER_UNKNOWN User not known to underlying account management module.

PAM_AUTH_ERR Authentication failure.

PAM_AUTHTOKEN_REQD

New authentication token required. This is normally returned if the

machine security policies require that the password should be changed

because the password is NULL or it has aged.

PAM_ACCT_EXPIRED User account has expired.

PAM_ACCT_DISABLED

User account has been disabled (trusted mode only).

PAM_TERM_DISABLED

Terminal has been disabled (trusted mode only).

PAM_NOT_AUTHORIZED

User is not authorized for terminal access (trusted mode only).

PAM_NOT_RTIME Wrong time to login (trusted mode only).