1.\" Copyright (c) 1995 David Nugent <davidn@blaze.net.au> 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, is permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice immediately at the beginning of the file, without modification, 9.\" this list of conditions, and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 3. This work was done expressly for inclusion into FreeBSD. Other use 14.\" is permitted provided this notation is included. 15.\" 4. Absolutely no warranty of function or purpose is made by the author 16.\" David Nugent. 17.\" 5. Modifications may be freely made to this file providing the above 18.\" conditions are met. 19.\" 20.\" $FreeBSD$ 21.\" 22.Dd December 27, 1996 23.Os FreeBSD 24.Dt LOGIN_CAP 3 25.Sh NAME 26.Nm login_close , 27.Nm login_getcapbool , 28.Nm login_getcaplist , 29.Nm login_getcapnum , 30.Nm login_getcapstr , 31.Nm login_getcapsize , 32.Nm login_getcaptime , 33.Nm login_getclass , 34.Nm login_getclassbyname , 35.Nm login_getpwclass , 36.Nm login_getstyle , 37.Nm login_getuserclass 38.Nd functions for accessing the login class capabilities database. 39.Sh LIBRARY 40.Lb libutil 41.Sh SYNOPSIS 42.Fd #include <sys/types.h> 43.Fd #include <login_cap.h> 44.Ft void 45.Fn login_close "login_cap_t *lc" 46.Ft login_cap_t * 47.Fn login_getclassbyname "const char *nam" "const struct passwd *pwd" 48.Ft login_cap_t * 49.Fn login_getclass "const char *nam" 50.Ft login_cap_t * 51.Fn login_getpwclass "const struct passwd *pwd" 52.Ft login_cap_t * 53.Fn login_getuserclass "const struct passwd *pwd" 54.Ft char * 55.Fn login_getcapstr "login_cap_t *lc" "const char *cap" "char *def" "char *error" 56.Ft char ** 57.Fn login_getcaplist "login_cap_t *lc" "const char *cap" "const char *chars" 58.Ft char * 59.Fn login_getpath "login_cap_t *lc" "const char *cap" "char *error" 60.Ft rlim_t 61.Fn login_getcaptime "login_cap_t *lc" "const char *cap" "rlim_t def" "rlim_t error" 62.Ft rlim_t 63.Fn login_getcapnum "login_cap_t *lc" "const char *cap" "rlim_t def" "rlim_t error" 64.Ft rlim_t 65.Fn login_getcapsize "login_cap_t *lc" "const char *cap" "rlim_t def" "rlim_t error" 66.Ft int 67.Fn login_getcapbool "login_cap_t *lc" "const char *cap" "int def" 68.Ft char * 69.Fn login_getstyle "login_cap_t *lc" "char *style" "const char *auth" 70.Sh DESCRIPTION 71These functions represent a programming interface to the login 72classes database provided in 73.Xr login.conf 5 . 74This database contains capabilities, attributes and default environment 75and accounting settings for users and programs running as specific users, 76as determined by the login class field within entries in 77.Pa /etc/master.passwd . 78.Pp 79Entries in 80.Xr login.conf 5 81consist of colon 82.Ql \&: 83separated fields, the first field in each record being one or more 84identifiers for the record (which must be unique for the entire database), 85each separated by a '|', and may optionally include a description as 86the last 'name'. 87Remaining fields in the record consist of keyword/data pairs. 88Long lines may be continued with a backslash within empty entries, 89with the second and subsequent lines optionally indented for readability. 90This is similar to the format used in 91.Xr termcap 5 , 92except that keywords are not limited to two significant characters, 93and are usually longer for improved readability. 94As with termcap entries, multiple records can be linked together 95(one record including another) using a field containing tc=<recordid>. 96The result is that the entire record referenced by <recordid> replaces 97the tc= field at the point at which it occurs. 98See 99.Xr getcap 3 100for further details on the format and use of a capabilities database. 101.Pp 102The 103.Nm login_cap 104interface provides a convenient means of retrieving login class 105records with all tc= references expanded. 106A program will typically call one of 107.Fn login_getclass , 108.Fn login_getpwclass , 109.Fn login_getuserclass 110or 111.Fn login_getclassbyname 112according to its requirements. 113Each of these functions returns a login capabilities structure, 114.Ft login_cap_t , 115which may subsequently be used to interrogate the database for 116specific values using the rest of the API. 117Once the login_cap_t is of no further use, the 118.Fn login_close 119function should be called to free all resources used. 120.Pp 121The structure of login_cap_t is defined in login_cap.h, as: 122.Bd -literal -offset indent 123typedef struct { 124 char *lc_class; 125 char *lc_cap; 126 char *lc_style; 127} login_cap_t; 128.Ed 129.Pp 130The 131.Ar lc_class 132member contains a pointer to the name of the login class 133retrieved. 134This may not necessarily be the same as the one requested, 135either directly via 136.Fn login_getclassbyname , 137indirectly via a user's login record using 138.Fn login_getpwclass , 139by class name using 140.Fn login_getclass , 141or 142.Fn login_getuserclass . 143If the referenced user has no login class specified in 144.Pa /etc/master.passwd , 145the class name is NULL or an empty string. 146If the class 147specified does not exist in the database, each of these 148functions will search for a record with an id of "default", 149with that name returned in the 150.Ar lc_class 151field. 152In addition, if the referenced user has a UID of 0 (normally, 153"root", although the user name is not considered) then 154.Fn login_getpwclass 155will search for a record with an id of "root" before it searches 156for the record with the id of "default". 157.Pp 158The 159.Ar lc_cap 160field is used internally by the library to contain the 161expanded login capabilities record. 162Programs with unusual requirements may wish to use this 163with the lower-level 164.Fn getcap 165style functions to access the record directly. 166.Pp 167The 168.Ar lc_style 169field is set by the 170.Fn login_getstyle 171function to the authorisation style, according to the requirements 172of the program handling a login itself. 173.Pp 174As noted above, the 175.Fn get*class 176functions return a login_cap_t object which is used to access 177the matching or default record in the capabilities database. 178.Fn getclassbyname 179accepts two arguments: the first one is the record identifier of the 180record to be retrieved, the second is an optional directory name. 181If the first 182.Ar name 183argument is NULL, an empty string, or a class that does not exist 184in the supplemental or system login class database, then the system 185.Em default 186record is returned instead. 187If the second 188.Ar dir 189parameter is NULL, then only the system login class database is 190used, but when not NULL, the named directory is searched for 191a login database file called ".login_conf", and capability records 192contained within it may override the system defaults. 193This scheme allows users to override some login settings from 194those in the system login class database by creating class records 195for their own private class with a record id of `me'. 196In the context of a 197.Em login , 198it should be noted that some options cannot by overridden by 199users for two reasons; many options, such as resource settings 200and default process priorities, require root privileges 201in order to take effect, and other fields in the user's file are 202not be consulted at all during the early phases of login for 203security or administrative reasons. 204See 205.Xr login.conf 5 206for more information on which settings a user is able to override. 207Typically, these are limited purely to the user's default login 208environment which might otherwise have been overridden in shell 209startup scripts in any case. 210The user's 211.Pa .login_conf 212merely provides a convenient way for a user to set up their preferred 213login environment before the shell is invoked on login. 214.Pp 215If the specified record is NULL, empty or does not exist, and the 216system has no "default" record available to fall back to, there is a 217memory allocation error or for some reason 218.Xr cgetent 3 219is unable to access the login capabilities database, this function 220returns NULL. 221.Pp 222The functions 223.Fn login_getpwclass , 224.Fn login_getclass 225and 226.Fn login_getuserclass 227retrieve the applicable login class record for the user's passwd 228entry or class name by calling 229.Fn login_getclassbyname . 230On failure, NULL is returned. 231The difference between these functions is that 232.Fn login_getuserclass 233includes the user's overriding 234.Pa .login_conf 235that exists in the user's home directory, and 236.Fn login_getpwclass 237and 238.Fn login_getclass 239restrict lookup only to the system login class database in 240.Pa /etc/login.conf . 241As explained earlier, 242.Fn login_getpwclass 243only differs from 244.Fn login_getclass 245in that it allows the default class for user 'root' as "root" 246if none has been specified in the password database. 247Otherwise, if the passwd pointer is NULL, or the user record 248has no login class, then the system "default" entry is retrieved. 249.Pp 250Once a program no longer wishes to use a login_cap_t object, 251.Fn login_close 252may be called to free all resources used by the login class. 253.Fn login_close 254may be passed a NULL pointer with no harmful side-effects. 255.Pp 256The remaining functions may be used to retrieve individual 257capability records. 258Each function takes a login_cap_t object as its first parameter, 259a capability tag as the second, and remaining parameters being 260default and error values that are returned if the capability is 261not found. 262The type of the additional parameters passed and returned depend 263on the 264.Em type 265of capability each deals with, be it a simple string, a list, 266a time value, a file or memory size value, a path (consisting of 267a colon-separated list of directories) or a boolean flag. 268The manpage for 269.Xr login.conf 5 270deals in specific tags and their type. 271.Pp 272Note that with all functions in this group, you should not call 273.Xr free 3 274on any pointers returned. 275Memory allocated during retrieval or processing of capability 276tags is automatically reused by subsequent calls to functions 277in this group, or deallocated on calling 278.Fn login_close . 279.Bl -tag -width "login_getcaplist()" 280.It Fn login_getcapstr 281This function returns a simple string capability. 282If the string is not found, then the value in 283.Ar def 284is returned as the default value, or if an error 285occurs, the value in the 286.Ar error 287parameter is returned. 288.It Fn login_getcaplist 289This function returns the value corresponding to the named 290capability tag as a list of values in a NULL terminated 291array. 292Within the login class database, some tags are of type 293.Em list , 294which consist of one or more comma- or space separated 295values. 296Usually, this function is not called directly from an 297application, but is used indirectly via 298.Fn login_getstyle . 299.It Fn login_getpath 300This function returns a list of directories separated by colons 301.Ql &: . 302Capability tags for which this function is called consist of a list of 303directories separated by spaces. 304.It Fn login_getcaptime 305This function returns a 306.Em time value 307associated with a particular capability tag with the value expressed 308in seconds (the default), minutes, hours, days, weeks or (365 day) 309years or any combination of these. 310A suffix determines the units used: S for seconds, M for minutes, 311H for hours, D for days, W for weeks and Y for 365 day years. 312Case of the units suffix is ignored. 313.Pp 314Time values are normally used for setting resource, accounting and 315session limits. 316If supported by the operating system and compiler 317.Po 318which is true of 319.Fx 320.Pc , 321the value returned is a quad (long long), of type 322.Em rlim_t . 323A value "inf" or "infinity" may be used to express an infinite 324value, in which case RLIM_INFINITY is returned. 325.It Fn login_getcapnum 326This function returns a numeric value for a tag, expressed either as 327tag=<value> or the standard 328.Fn cgetnum 329format tag#<value>. 330The first format should be used in preference to the second, the 331second format is provided for compatibility and consistency with the 332.Xr getcap 3 333database format where numeric types use the 334.Ql \&# 335as the delimiter for numeric values. 336If in the first format, then the value given may be "inf" or 337"infinity" which results in a return value of RLIM_INFINITY. 338If the given capability tag cannot be found, the 339.Ar def 340parameter is returned, and if an error occurs, the 341.Ar error 342parameter is returned. 343.It Fn login_getcapsize 344.Fn login_getcapsize 345returns a value representing a size (typically, file or memory) 346which may be expressed as bytes (the default), 512 byte blocks, 347kilobytes, megabytes, gigabytes, and on systems that support the 348.Ar long long 349type, terabytes. 350The suffix used determines the units, and multiple values and 351units may be used in combination (e.g. 1m500k = 1.5 megabytes). 352A value with no suffix is interpreted as bytes, B as 512-byte 353blocks, K as kilobytes, M as megabytes, G as gigabytes and T as 354terrabytes. 355Case is ignored. 356The error value is returned if there is a login capabilities database 357error, if an invalid suffix is used, or if a numeric value cannot be 358interpreted. 359.It Fn login_getcapbool 360This function returns a boolean value tied to a particular flag. 361It returns 0 if the given capability tag is not present or is 362negated by the presence of a "tag@" (See 363.Xr getcap 3 364for more information on boolean flags), and returns 1 if the tag 365is found. 366.It Fn login_getstyle 367This function is used by the login authorisation system to determine 368the style of login available in a particular case. 369The function accepts three parameters, the login_cap entry itself and 370two optional parameters, and authorisation type 'auth' and 'style', and 371applies these to determine the authorisation style that best suites 372these rules. 373.Bl -bullet -indent offset 374.It 375If 'auth' is neither NULL nor an empty string, look for a tag of type 376"auth-<auth>" in the capability record. 377If not present, then look for the default tag "auth=". 378.It 379If no valid authorisation list was found from the previous step, then 380default to "passwd" as the authorisation list. 381.It 382If 'style' is not NULL or empty, look for it in the list of authorisation 383methods found from the pprevious step. 384If 'style' is NULL or an empty string, then default to "passwd" 385authorisation. 386.It 387If 'style' is found in the chosen list of authorisation methods, then 388return that, otherwise return NULL. 389.El 390.Pp 391This scheme allows the administrator to determine the types of 392authorisation methods accepted by the system, depending on the 393means by which the access occurs. 394For example, the administrator may require skey or kerberos as 395the authentication method used for access to the system via the 396network, and standard methods via direct dialup or console 397logins, significantly reducing the risk of password discovery 398by "snooping" network packets. 399.El 400.Sh SEE ALSO 401.Xr getcap 3 , 402.Xr login_class 3 , 403.Xr login.conf 5 , 404.Xr termcap 5 405