/*-
 * Copyright (c) 1996 by
 * Sean Eric Fagan <sef@kithrup.com>
 * David Nugent <davidn@blaze.net.au>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, is permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice immediately at the beginning of the file, without modification,
 *    this list of conditions, and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. This work was done expressly for inclusion into FreeBSD. Other use
 *    is permitted provided this notation is included.
 * 4. Absolutely no warranty of function or purpose is made by the authors.
 * 5. Modifications may be freely made to this file providing the above
 *    conditions are met.
 *
 * Low-level routines relating to the user capabilities database
 *
 * Was login_cap.h,v 1.9 1997/05/07 20:00:01 eivind Exp
 */

#ifndef _LOGIN_CAP_H_
#define _LOGIN_CAP_H_

/*
 * NOTE(review): the declarations below use u_short, u_char, rlim_t, uid_t
 * and time_t, but the only header included here is <sys/cdefs.h>.  The
 * including file therefore has to bring those types into scope first.
 */

/* Default names and values, plus the file locations this interface uses. */
#define LOGIN_DEFCLASS		"default"
#define LOGIN_DEFROOTCLASS	"root"
#define LOGIN_MECLASS		"me"
#define LOGIN_DEFSTYLE		"passwd"
#define LOGIN_DEFSERVICE	"login"
#define LOGIN_DEFUMASK		022	/* octal literal */
#define LOGIN_DEFPRI		0
#define _PATH_LOGIN_CONF	"/etc/login.conf"
/*
 * Bare file name rather than an absolute path.
 * NOTE(review): presumably resolved inside the user's home directory, in
 * which case its contents are user-controlled; confirm which capabilities
 * the implementation accepts from it.
 */
#define _FILE_LOGIN_CONF	".login_conf"
/*
 * Ends in "login_", so this is a path prefix, not a complete path.
 * NOTE(review): presumably a style name is appended to select the helper
 * program; confirm that the appended part is validated before it is used.
 */
#define _PATH_AUTHPROG		"/usr/libexec/login_"

/*
 * Context-selection flags.  Each value is a distinct single bit, so they
 * can be OR-ed together; setclasscontext() and setusercontext() below both
 * take an unsigned int, presumably such a combination (confirm in the
 * implementation).
 */
#define LOGIN_SETGROUP		0x0001	/* set group */
#define LOGIN_SETLOGIN		0x0002	/* set login (via setlogin) */
#define LOGIN_SETPATH		0x0004	/* set path */
#define LOGIN_SETPRIORITY	0x0008	/* set priority */
#define LOGIN_SETRESOURCES	0x0010	/* set resources (cputime, etc.) */
#define LOGIN_SETUMASK		0x0020	/* set umask, obviously */
#define LOGIN_SETUSER		0x0040	/* set user (via setuid) */
#define LOGIN_SETENV		0x0080	/* set user environment */
#define LOGIN_SETMAC		0x0100	/* set user default MAC label */
#define LOGIN_SETCPUMASK	0x0200	/* set user cpumask */
#define LOGIN_SETLOGINCLASS	0x0400	/* set login class in the kernel */
/*
 * 0x07ff is exactly the OR of the eleven flags above (bits 0 through 10).
 * A newly added LOGIN_SET* bit is not covered until this mask is widened.
 */
#define LOGIN_SETALL		0x07ff	/* set everything */

/*
 * Keyword strings for authentication results and variable setting.
 * NOTE(review): BI_CHALLENG and BI_SILENT start with the BI_REJECT text,
 * and BI_ROOTOKAY and BI_SECURE start with the BI_AUTH text, so a matcher
 * has to compare the full keyword, not only its first word.  Which code
 * produces and parses these strings is not visible in this header.
 */
#define BI_AUTH		"authorize"		/* accepted authentication */
#define BI_REJECT	"reject"		/* rejected authentication */
#define BI_CHALLENG	"reject challenge"	/* reject with a challenge */
#define BI_SILENT	"reject silent"		/* reject silently */
#define BI_REMOVE	"remove"		/* remove file on error */
#define BI_ROOTOKAY	"authorize root"	/* root authenticated */
#define BI_SECURE	"authorize secure"	/* okay on non-secure line */
#define BI_SETENV	"setenv"		/* set environment variable */
#define BI_VALUE	"value"			/* set local variable */

/* Authentication state bits; each value is a distinct single bit. */
#define AUTH_OKAY	0x01		/* user authenticated */
#define AUTH_ROOTOKAY	0x02		/* root login okay */
#define AUTH_SECURE	0x04		/* secure login */
#define AUTH_SILENT	0x08		/* silent rejection */
#define AUTH_CHALLENGE	0x10		/* a challenge was given */

/*
 * Mask of the three accepting bits.  A test of the form (x & AUTH_ALLOW)
 * is non-zero when any one of them is set, not only when all are.
 */
#define AUTH_ALLOW	(AUTH_OKAY | AUTH_ROOTOKAY | AUTH_SECURE)

/*
 * Handle for one login class record.  The lookup functions below return a
 * pointer to it and login_close() takes one.
 * NOTE(review): field meanings are inferred from their names only (class
 * name, capability record, authentication style) and ownership of the
 * strings is not visible here; confirm in the implementation.
 */
typedef struct login_cap {
	char *lc_class;
	char *lc_cap;
	char *lc_style;
} login_cap_t;

/*
 * One permitted login period: a start, an end and a day-of-week mask.
 * The units of lt_start and lt_end are not stated in this header
 * (presumably minutes within a day; confirm in parse_lt()).
 */
typedef struct login_time {
	u_short lt_start;	/* Start time */
	u_short lt_end;		/* End time */
/* Day-of-week bits for lt_dow; one bit per day, Sunday lowest. */
#define LTM_NONE	0x00
#define LTM_SUN		0x01
#define LTM_MON		0x02
#define LTM_TUE		0x04
#define LTM_WED		0x08
#define LTM_THU		0x10
#define LTM_FRI		0x20
#define LTM_SAT		0x40
#define LTM_ANY		0x7F	/* all seven day bits */
#define LTM_WK		0x3E	/* LTM_MON through LTM_FRI */
#define LTM_WD		0x41	/* LTM_SUN | LTM_SAT */
	u_char lt_dow;		/* Days of week */
} login_time_t;

/* presumably the upper bound on entries in a login_time_t list; verify */
#define LC_MAXTIMES	64

#include <sys/cdefs.h>
__BEGIN_DECLS
/* Forward declaration: only pointers to struct passwd are used below. */
struct passwd;

/*
 * Class lookup and release.  Each lookup returns a login_cap_t pointer and
 * login_close() accepts one; presumably every successful lookup is paired
 * with a login_close() call (confirm in the implementation).
 */
void login_close(login_cap_t *);
login_cap_t *login_getclassbyname(const char *, const struct passwd *);
login_cap_t *login_getclass(const char *);
login_cap_t *login_getpwclass(const struct passwd *);
login_cap_t *login_getuserclass(const struct passwd *);

/*
 * Typed accessors for capabilities of a class.  The unnamed trailing
 * parameters are presumably default and error values; this header does not
 * name them, so check the implementation or manual page for their order.
 */
const char *login_getcapstr(login_cap_t *, const char *, const char *,
    const char *);
const char **login_getcaplist(login_cap_t *, const char *, const char *);
const char *login_getstyle(login_cap_t *, const char *, const char *);
rlim_t login_getcaptime(login_cap_t *, const char *, rlim_t, rlim_t);
rlim_t login_getcapnum(login_cap_t *, const char *, rlim_t, rlim_t);
int login_getcapenum(login_cap_t *lc, const char *cap,
    const char * const *values);
rlim_t login_getcapsize(login_cap_t *, const char *, rlim_t, rlim_t);
const char *login_getpath(login_cap_t *, const char *, const char *);
int login_getcapbool(login_cap_t *, const char *, int);
const char *login_setcryptfmt(login_cap_t *, const char *, const char *);

/*
 * Apply class settings to the calling process.
 * NOTE(review): setclasscontext() and setusercontext() return int.  Where
 * they are used with LOGIN_SETUSER or LOGIN_SETGROUP to change
 * credentials, the caller should check that result and stop on failure,
 * because otherwise the process would carry on with the credentials it
 * started with.  The exact return convention is not visible here.
 * setclasscpumask(), setclassresources() and setclassenvironment() return
 * void, so they report nothing to the caller through a return value.
 */
int setclasscontext(const char *, unsigned int);
void setclasscpumask(login_cap_t *);
int setusercontext(login_cap_t *, const struct passwd *, uid_t, unsigned int);
void setclassresources(login_cap_t *);
void setclassenvironment(login_cap_t *, const struct passwd *, int);

/* Most of these functions are deprecated */
int auth_approve(login_cap_t *, const char *, const char *);
int auth_check(const char *, const char *, const char *, const char *, int *);
void auth_env(void);
char *auth_mkvalue(const char *);
int auth_response(const char *, const char *, const char *, const char *, int *,
    const char *, const char *);
void auth_rmfiles(void);
int auth_scan(int);
int auth_script(const char *, ...);
int auth_script_data(const char *, int, const char *, ...);
char *auth_valud(const char *);
int auth_setopt(const char *, const char *);
void auth_clropts(void);

void auth_checknologin(login_cap_t *);
int auth_cat(const char *);

/*
 * Access checks by terminal, host and time, judging by their names.
 * NOTE(review): the meaning of the int result (which value means "allowed")
 * is not stated in this header; confirm it before using the result as an
 * allow/deny decision.
 */
int auth_ttyok(login_cap_t *, const char *);
int auth_hostok(login_cap_t *, const char *, char const *);
int auth_timeok(login_cap_t *, time_t);

/* Forward declaration: only pointers to struct tm are used below. */
struct tm;

/*
 * login_time_t parsing and membership tests.  parse_lt() returns the
 * structure by value; the in_lt*() functions take it by const pointer.
 * Their exact semantics are defined by the implementation, not here.
 */
login_time_t parse_lt(const char *);
int in_lt(const login_time_t *, time_t *);
int in_ltm(const login_time_t *, struct tm *, time_t *);
int in_ltms(const login_time_t *, struct tm *, time_t *);
int in_lts(const login_time_t *, time_t *);

/* helper functions */

int login_strinlist(const char **, char const *, int);
int login_str2inlist(const char **, const char *, const char *, int);
login_time_t * login_timelist(login_cap_t *, char const *, int *,
    login_time_t **);
int login_ttyok(login_cap_t *, const char *, const char *, const char *);
int login_hostok(login_cap_t *, const char *, const char *, const char *,
    const char *);

__END_DECLS

#endif /* _LOGIN_CAP_H_ */