xref: /illumos-gate/usr/src/lib/pam_modules/deny/deny.c (revision 75eba5b6d79ed4d2ce3daf7b2806306b6b69a938)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 #include <strings.h>
30 #include <syslog.h>
31 
32 #include <security/pam_appl.h>
33 #include <security/pam_modules.h>
34 
35 /*
36  * pam_deny - PAM service module that returns the default error code for
37  *	      all service module types.
38  *
39  *	Entry	argv = debug, syslog call LOG_AUTH | LOG_DEBUG.
40  *
41  *	Exit	PAM_* appropriate for service module type.
42  *
43  *	Uses	PAM_USER, PAM_SERVICE
44  */
45 
46 static void
47 debug(pam_handle_t *pamh, int flags, int argc, const char **argv, char *mod)
48 {
49 	char *user;
50 	char *service;
51 
52 	if (argc < 1 || strcmp(argv[0], "debug") != 0)
53 		return;
54 
55 	(void) pam_get_item(pamh, PAM_SERVICE, (void **)&service);
56 	(void) pam_get_item(pamh, PAM_USER, (void **)&user);
57 
58 	syslog(LOG_AUTH | LOG_DEBUG, "%s pam_deny:%s(%x) for %s",
59 	    service ? service : "No Service Specified", mod, flags,
60 	    user ? user : "No User Specified");
61 }
62 
63 int
64 pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
65 {
66 	debug(pamh, flags, argc, argv, "pam_sm_authenticate");
67 	return (PAM_AUTH_ERR);
68 }
69 
70 int
71 pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
72 {
73 	debug(pamh, flags, argc, argv, "pam_sm_setcred");
74 	return (PAM_CRED_ERR);
75 }
76 
77 int
78 pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
79 {
80 	debug(pamh, flags, argc, argv, "pam_sm_acct_mgmt");
81 	return (PAM_ACCT_EXPIRED);
82 }
83 
84 int
85 pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
86 {
87 	debug(pamh, flags, argc, argv, "pam_sm_open_session");
88 	return (PAM_SESSION_ERR);
89 }
90 
91 int
92 pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
93 {
94 	debug(pamh, flags, argc, argv, "pam_sm_close_session");
95 	return (PAM_SESSION_ERR);
96 }
97 
98 int
99 pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv)
100 {
101 	debug(pamh, flags, argc, argv, "pam_sm_chauthtok");
102 	return (PAM_AUTHTOK_ERR);
103 }
104