1f7e6344dSDag-Erling Smørgrav /*- 2*f3b0ac34SDag-Erling Smørgrav * Copyright (c) 2012-2015 Dag-Erling Smørgrav 3f7e6344dSDag-Erling Smørgrav * All rights reserved. 4f7e6344dSDag-Erling Smørgrav * 5f7e6344dSDag-Erling Smørgrav * Redistribution and use in source and binary forms, with or without 6f7e6344dSDag-Erling Smørgrav * modification, are permitted provided that the following conditions 7f7e6344dSDag-Erling Smørgrav * are met: 8f7e6344dSDag-Erling Smørgrav * 1. Redistributions of source code must retain the above copyright 9ce77a8d6SDag-Erling Smørgrav * notice, this list of conditions and the following disclaimer. 10f7e6344dSDag-Erling Smørgrav * 2. Redistributions in binary form must reproduce the above copyright 11f7e6344dSDag-Erling Smørgrav * notice, this list of conditions and the following disclaimer in the 12f7e6344dSDag-Erling Smørgrav * documentation and/or other materials provided with the distribution. 13f7e6344dSDag-Erling Smørgrav * 3. The name of the author may not be used to endorse or promote 14f7e6344dSDag-Erling Smørgrav * products derived from this software without specific prior written 15f7e6344dSDag-Erling Smørgrav * permission. 16f7e6344dSDag-Erling Smørgrav * 17f7e6344dSDag-Erling Smørgrav * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18f7e6344dSDag-Erling Smørgrav * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19f7e6344dSDag-Erling Smørgrav * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20f7e6344dSDag-Erling Smørgrav * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21f7e6344dSDag-Erling Smørgrav * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22f7e6344dSDag-Erling Smørgrav * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23f7e6344dSDag-Erling Smørgrav * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24f7e6344dSDag-Erling Smørgrav * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25f7e6344dSDag-Erling Smørgrav * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26f7e6344dSDag-Erling Smørgrav * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27f7e6344dSDag-Erling Smørgrav * SUCH DAMAGE. 28f7e6344dSDag-Erling Smørgrav */ 29f7e6344dSDag-Erling Smørgrav 30f7e6344dSDag-Erling Smørgrav #ifdef HAVE_CONFIG_H 31f7e6344dSDag-Erling Smørgrav # include "config.h" 32f7e6344dSDag-Erling Smørgrav #endif 33f7e6344dSDag-Erling Smørgrav 34f7e6344dSDag-Erling Smørgrav #include <security/pam_appl.h> 35f7e6344dSDag-Erling Smørgrav 36f7e6344dSDag-Erling Smørgrav #include "openpam_impl.h" 37f7e6344dSDag-Erling Smørgrav 38f7e6344dSDag-Erling Smørgrav #define STRUCT_OPENPAM_FEATURE(name, descr, dflt) \ 39f7e6344dSDag-Erling Smørgrav [OPENPAM_##name] = { \ 40f7e6344dSDag-Erling Smørgrav "OPENPAM_" #name, \ 41f7e6344dSDag-Erling Smørgrav descr, \ 42f7e6344dSDag-Erling Smørgrav dflt \ 43f7e6344dSDag-Erling Smørgrav } 44f7e6344dSDag-Erling Smørgrav 45f7e6344dSDag-Erling Smørgrav struct openpam_feature openpam_features[OPENPAM_NUM_FEATURES] = { 46f7e6344dSDag-Erling Smørgrav STRUCT_OPENPAM_FEATURE( 47f7e6344dSDag-Erling Smørgrav RESTRICT_SERVICE_NAME, 48f7e6344dSDag-Erling Smørgrav "Disallow path separators in service names", 49f7e6344dSDag-Erling Smørgrav 1 50f7e6344dSDag-Erling Smørgrav ), 51f7e6344dSDag-Erling Smørgrav STRUCT_OPENPAM_FEATURE( 52f7e6344dSDag-Erling Smørgrav VERIFY_POLICY_FILE, 53f7e6344dSDag-Erling Smørgrav "Verify ownership and permissions of policy files", 54f7e6344dSDag-Erling Smørgrav 1 55f7e6344dSDag-Erling Smørgrav ), 56f7e6344dSDag-Erling Smørgrav STRUCT_OPENPAM_FEATURE( 57f7e6344dSDag-Erling Smørgrav RESTRICT_MODULE_NAME, 58f7e6344dSDag-Erling Smørgrav "Disallow path separators in module names", 59f7e6344dSDag-Erling Smørgrav 0 60f7e6344dSDag-Erling Smørgrav ), 61f7e6344dSDag-Erling Smørgrav STRUCT_OPENPAM_FEATURE( 62f7e6344dSDag-Erling Smørgrav VERIFY_MODULE_FILE, 63f7e6344dSDag-Erling Smørgrav "Verify ownership and permissions of module files", 64f7e6344dSDag-Erling Smørgrav 1 65f7e6344dSDag-Erling Smørgrav ), 66*f3b0ac34SDag-Erling Smørgrav STRUCT_OPENPAM_FEATURE( 67*f3b0ac34SDag-Erling Smørgrav FALLBACK_TO_OTHER, 68*f3b0ac34SDag-Erling Smørgrav "Fall back to \"other\" policy for empty chains", 69*f3b0ac34SDag-Erling Smørgrav 1 70*f3b0ac34SDag-Erling Smørgrav ), 71f7e6344dSDag-Erling Smørgrav }; 72