lib/libutil/login_cap.h

3564cb62SDavid Nugent/*-
3564cb62SDavid Nugent * Copyright (c) 1996 by
3564cb62SDavid Nugent * Sean Eric Fagan <sef@kithrup.com>
3564cb62SDavid Nugent * David Nugent <davidn@blaze.net.au>
3564cb62SDavid Nugent * All rights reserved.
3564cb62SDavid Nugent *
3564cb62SDavid Nugent * Redistribution and use in source and binary forms, with or without
3564cb62SDavid Nugent * modification, is permitted provided that the following conditions
3564cb62SDavid Nugent * are met:
3564cb62SDavid Nugent * 1. Redistributions of source code must retain the above copyright
3564cb62SDavid Nugent *    notice immediately at the beginning of the file, without modification,
3564cb62SDavid Nugent *    this list of conditions, and the following disclaimer.
3564cb62SDavid Nugent * 2. Redistributions in binary form must reproduce the above copyright
3564cb62SDavid Nugent *    notice, this list of conditions and the following disclaimer in the
3564cb62SDavid Nugent *    documentation and/or other materials provided with the distribution.
3564cb62SDavid Nugent * 3. This work was done expressly for inclusion into FreeBSD.  Other use
3564cb62SDavid Nugent *    is permitted provided this notation is included.
3564cb62SDavid Nugent * 4. Absolutely no warranty of function or purpose is made by the authors.
3564cb62SDavid Nugent * 5. Modifications may be freely made to this file providing the above
3564cb62SDavid Nugent *    conditions are met.
3564cb62SDavid Nugent *
3564cb62SDavid Nugent * Low-level routines relating to the user capabilities database
3564cb62SDavid Nugent *
3564cb62SDavid Nugent *	Was login_cap.h,v 1.9 1997/05/07 20:00:01 eivind Exp
3564cb62SDavid Nugent */
3564cb62SDavid Nugent
3564cb62SDavid Nugent#ifndef _LOGIN_CAP_H_
3564cb62SDavid Nugent#define _LOGIN_CAP_H_
3564cb62SDavid Nugent
3564cb62SDavid Nugent#define LOGIN_DEFCLASS		"default"
56c04344SDavid Nugent#define LOGIN_DEFROOTCLASS	"root"
56c04344SDavid Nugent#define LOGIN_MECLASS		"me"
3564cb62SDavid Nugent#define LOGIN_DEFSTYLE		"passwd"
3564cb62SDavid Nugent#define LOGIN_DEFSERVICE	"login"
3564cb62SDavid Nugent#define _PATH_LOGIN_CONF	"/etc/login.conf"
3564cb62SDavid Nugent#define _FILE_LOGIN_CONF	".login_conf"
3564cb62SDavid Nugent#define _PATH_AUTHPROG		"/usr/libexec/login_"
3564cb62SDavid Nugent
3564cb62SDavid Nugent#define LOGIN_SETGROUP		0x0001		/* set group */
3564cb62SDavid Nugent#define LOGIN_SETLOGIN		0x0002		/* set login (via setlogin) */
3564cb62SDavid Nugent#define LOGIN_SETPATH		0x0004		/* set path */
3564cb62SDavid Nugent#define LOGIN_SETPRIORITY	0x0008		/* set priority */
3564cb62SDavid Nugent#define LOGIN_SETRESOURCES	0x0010		/* set resources (cputime, etc.) */
3564cb62SDavid Nugent#define LOGIN_SETUMASK		0x0020		/* set umask, obviously */
3564cb62SDavid Nugent#define LOGIN_SETUSER		0x0040		/* set user (via setuid) */
3564cb62SDavid Nugent#define LOGIN_SETENV		0x0080		/* set user environment */
27a68d26SRobert Watson#define LOGIN_SETMAC		0x0100		/* set user default MAC label */
d84c4292SBrooks Davis#define LOGIN_SETCPUMASK	0x0200		/* set user cpumask */
2bfc50bcSEdward Tomasz Napierala#define LOGIN_SETLOGINCLASS	0x0400		/* set login class in the kernel */
2bfc50bcSEdward Tomasz Napierala#define LOGIN_SETALL		0x07ff		/* set everything */
3564cb62SDavid Nugent
56c04344SDavid Nugent#define BI_AUTH		"authorize"		/* accepted authentication */
56c04344SDavid Nugent#define BI_REJECT	"reject"		/* rejected authentication */
56c04344SDavid Nugent#define BI_CHALLENG	"reject challenge"	/* reject with a challenge */
56c04344SDavid Nugent#define BI_SILENT	"reject silent"		/* reject silently */
56c04344SDavid Nugent#define BI_REMOVE	"remove"		/* remove file on error */
56c04344SDavid Nugent#define BI_ROOTOKAY	"authorize root"	/* root authenticated */
56c04344SDavid Nugent#define BI_SECURE	"authorize secure"	/* okay on non-secure line */
56c04344SDavid Nugent#define BI_SETENV	"setenv"		/* set environment variable */
56c04344SDavid Nugent#define BI_VALUE	"value"			/* set local variable */
3564cb62SDavid Nugent
56c04344SDavid Nugent#define AUTH_OKAY		0x01		/* user authenticated */
3564cb62SDavid Nugent#define AUTH_ROOTOKAY		0x02		/* root login okay */
3564cb62SDavid Nugent#define AUTH_SECURE		0x04		/* secure login */
56c04344SDavid Nugent#define AUTH_SILENT		0x08		/* silent rejection */
56c04344SDavid Nugent#define AUTH_CHALLENGE		0x10		/* a chellenge was given */
56c04344SDavid Nugent
56c04344SDavid Nugent#define AUTH_ALLOW		(AUTH_OKAY | AUTH_ROOTOKAY | AUTH_SECURE)
3564cb62SDavid Nugent
3564cb62SDavid Nugenttypedef struct login_cap {
3564cb62SDavid Nugent    char    *lc_class;
3564cb62SDavid Nugent    char    *lc_cap;
3564cb62SDavid Nugent    char    *lc_style;
3564cb62SDavid Nugent} login_cap_t;
3564cb62SDavid Nugent
3564cb62SDavid Nugenttypedef struct login_time {
3564cb62SDavid Nugent    u_short     lt_start;	/* Start time */
3564cb62SDavid Nugent    u_short     lt_end;		/* End time */
3564cb62SDavid Nugent#define LTM_NONE  0x00
3564cb62SDavid Nugent#define LTM_SUN   0x01
3564cb62SDavid Nugent#define LTM_MON   0x02
3564cb62SDavid Nugent#define LTM_TUE   0x04
3564cb62SDavid Nugent#define LTM_WED   0x08
3564cb62SDavid Nugent#define LTM_THU   0x10
3564cb62SDavid Nugent#define LTM_FRI   0x20
3564cb62SDavid Nugent#define LTM_SAT   0x40
3564cb62SDavid Nugent#define LTM_ANY   0x7F
3564cb62SDavid Nugent#define LTM_WK    0x3E
3564cb62SDavid Nugent#define LTM_WD    0x41
3564cb62SDavid Nugent    u_char	 lt_dow;	/* Days of week */
3564cb62SDavid Nugent} login_time_t;
56c04344SDavid Nugent
3564cb62SDavid Nugent#define LC_MAXTIMES 64
3564cb62SDavid Nugent
3564cb62SDavid Nugent#include <sys/cdefs.h>
3564cb62SDavid Nugent__BEGIN_DECLS
3564cb62SDavid Nugentstruct passwd;
3564cb62SDavid Nugent
69160b1eSDavid E. O'Brienvoid login_close(login_cap_t *);
69160b1eSDavid E. O'Brienlogin_cap_t *login_getclassbyname(const char *, const struct passwd *);
69160b1eSDavid E. O'Brienlogin_cap_t *login_getclass(const char *);
69160b1eSDavid E. O'Brienlogin_cap_t *login_getpwclass(const struct passwd *);
69160b1eSDavid E. O'Brienlogin_cap_t *login_getuserclass(const struct passwd *);
3564cb62SDavid Nugent
93b5982bSDag-Erling Smørgravconst char *login_getcapstr(login_cap_t *, const char *, const char *,
93b5982bSDag-Erling Smørgrav    const char *);
547fa0d9SMark Murrayconst char **login_getcaplist(login_cap_t *, const char *, const char *);
b00ba4ccSRuslan Ermilovconst char *login_getstyle(login_cap_t *, const char *, const char *);
69160b1eSDavid E. O'Brienrlim_t login_getcaptime(login_cap_t *, const char *, rlim_t, rlim_t);
69160b1eSDavid E. O'Brienrlim_t login_getcapnum(login_cap_t *, const char *, rlim_t, rlim_t);
*90e914cdSOlivier Certnerint login_getcapenum(login_cap_t *lc, const char *cap,
*90e914cdSOlivier Certner    const char * const *values);
69160b1eSDavid E. O'Brienrlim_t login_getcapsize(login_cap_t *, const char *, rlim_t, rlim_t);
b00ba4ccSRuslan Ermilovconst char *login_getpath(login_cap_t *, const char *, const char *);
69160b1eSDavid E. O'Brienint login_getcapbool(login_cap_t *, const char *, int);
69160b1eSDavid E. O'Brienconst char *login_setcryptfmt(login_cap_t *, const char *, const char *);
3564cb62SDavid Nugent
69160b1eSDavid E. O'Brienint setclasscontext(const char *, unsigned int);
92657d3cSDag-Erling Smørgravvoid setclasscpumask(login_cap_t *);
69160b1eSDavid E. O'Brienint setusercontext(login_cap_t *, const struct passwd *, uid_t, unsigned int);
69160b1eSDavid E. O'Brienvoid setclassresources(login_cap_t *);
69160b1eSDavid E. O'Brienvoid setclassenvironment(login_cap_t *, const struct passwd *, int);
3564cb62SDavid Nugent
56c04344SDavid Nugent/* Most of these functions are deprecated */
69160b1eSDavid E. O'Brienint auth_approve(login_cap_t *, const char *, const char *);
69160b1eSDavid E. O'Brienint auth_check(const char *, const char *, const char *, const char *, int *);
69160b1eSDavid E. O'Brienvoid auth_env(void);
93b5982bSDag-Erling Smørgravchar *auth_mkvalue(const char *);
93b5982bSDag-Erling Smørgravint auth_response(const char *, const char *, const char *, const char *, int *,
93b5982bSDag-Erling Smørgrav    const char *, const char *);
69160b1eSDavid E. O'Brienvoid auth_rmfiles(void);
69160b1eSDavid E. O'Brienint auth_scan(int);
69160b1eSDavid E. O'Brienint auth_script(const char *, ...);
69160b1eSDavid E. O'Brienint auth_script_data(const char *, int, const char *, ...);
69160b1eSDavid E. O'Brienchar *auth_valud(const char *);
69160b1eSDavid E. O'Brienint auth_setopt(const char *, const char *);
69160b1eSDavid E. O'Brienvoid auth_clropts(void);
56c04344SDavid Nugent
69160b1eSDavid E. O'Brienvoid auth_checknologin(login_cap_t *);
69160b1eSDavid E. O'Brienint auth_cat(const char *);
3564cb62SDavid Nugent
69160b1eSDavid E. O'Brienint auth_ttyok(login_cap_t *, const char *);
69160b1eSDavid E. O'Brienint auth_hostok(login_cap_t *, const char *, char const *);
69160b1eSDavid E. O'Brienint auth_timeok(login_cap_t *, time_t);
3564cb62SDavid Nugent
3564cb62SDavid Nugentstruct tm;
3564cb62SDavid Nugent
69160b1eSDavid E. O'Brienlogin_time_t parse_lt(const char *);
b1720f52SDag-Erling Smørgravint in_lt(const login_time_t *, time_t *);
69160b1eSDavid E. O'Brienint in_ltm(const login_time_t *, struct tm *, time_t *);
69160b1eSDavid E. O'Brienint in_ltms(const login_time_t *, struct tm *, time_t *);
b1720f52SDag-Erling Smørgravint in_lts(const login_time_t *, time_t *);
3564cb62SDavid Nugent
56c04344SDavid Nugent/* helper functions */
3564cb62SDavid Nugent
547fa0d9SMark Murrayint login_strinlist(const char **, char const *, int);
547fa0d9SMark Murrayint login_str2inlist(const char **, const char *, const char *, int);
93b5982bSDag-Erling Smørgravlogin_time_t * login_timelist(login_cap_t *, char const *, int *,
93b5982bSDag-Erling Smørgrav    login_time_t **);
69160b1eSDavid E. O'Brienint login_ttyok(login_cap_t *, const char *, const char *, const char *);
93b5982bSDag-Erling Smørgravint login_hostok(login_cap_t *, const char *, const char *, const char *,
93b5982bSDag-Erling Smørgrav    const char *);
3564cb62SDavid Nugent
3564cb62SDavid Nugent__END_DECLS
3564cb62SDavid Nugent
3564cb62SDavid Nugent#endif /* _LOGIN_CAP_H_ */