xref: /illumos-gate/usr/src/lib/pam_modules/deny/deny.c (revision ddb365bfc9e868ad24ccdcb0dc91af18b10df082) 
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #include <strings.h>
28 #include <syslog.h>
29 
30 #include <security/pam_appl.h>
31 #include <security/pam_modules.h>
32 
33 /*
34  * pam_deny - PAM service module that returns the default error code for
35  *	      all service module types.
36  *
37  *	Entry	argv = debug, syslog call LOG_AUTH | LOG_DEBUG.
38  *
39  *	Exit	PAM_* appropriate for service module type.
40  *
41  *	Uses	PAM_USER, PAM_SERVICE
42  */
43 
44 static void
45 debug(pam_handle_t *pamh, int flags, int argc, const char **argv, char *mod)
46 {
47 	char *user;
48 	char *service;
49 
50 	if (argc < 1 || strcmp(argv[0], "debug") != 0)
51 		return;
52 
53 	(void) pam_get_item(pamh, PAM_SERVICE, (void **)&service);
54 	(void) pam_get_item(pamh, PAM_USER, (void **)&user);
55 
56 	syslog(LOG_AUTH | LOG_DEBUG, "%s pam_deny:%s(%x) for %s",
57 	    service ? service : "No Service Specified", mod, flags,
58 	    user ? user : "No User Specified");
59 }
60 
61 int
62 pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
63 {
64 	debug(pamh, flags, argc, argv, "pam_sm_authenticate");
65 	return (PAM_AUTH_ERR);
66 }
67 
68 int
69 pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
70 {
71 	debug(pamh, flags, argc, argv, "pam_sm_setcred");
72 	return (PAM_CRED_ERR);
73 }
74 
75 int
76 pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
77 {
78 	debug(pamh, flags, argc, argv, "pam_sm_acct_mgmt");
79 	return (PAM_ACCT_EXPIRED);
80 }
81 
82 int
83 pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
84 {
85 	debug(pamh, flags, argc, argv, "pam_sm_open_session");
86 	return (PAM_SESSION_ERR);
87 }
88 
89 int
90 pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
91 {
92 	debug(pamh, flags, argc, argv, "pam_sm_close_session");
93 	return (PAM_SESSION_ERR);
94 }
95 
96 int
97 pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv)
98 {
99 	debug(pamh, flags, argc, argv, "pam_sm_chauthtok");
100 	return (PAM_AUTHTOK_ERR);
101 }
102