1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #pragma ident "%Z%%M% %I% %E% SMI" 28 29 #include <strings.h> 30 #include <syslog.h> 31 32 #include <security/pam_appl.h> 33 #include <security/pam_modules.h> 34 35 /* 36 * pam_deny - PAM service module that returns the default error code for 37 * all service module types. 38 * 39 * Entry argv = debug, syslog call LOG_AUTH | LOG_DEBUG. 40 * 41 * Exit PAM_* appropriate for service module type. 42 * 43 * Uses PAM_USER, PAM_SERVICE 44 */ 45 46 static void 47 debug(pam_handle_t *pamh, int flags, int argc, const char **argv, char *mod) 48 { 49 char *user; 50 char *service; 51 52 if (argc < 1 || strcmp(argv[0], "debug") != 0) 53 return; 54 55 (void) pam_get_item(pamh, PAM_SERVICE, (void **)&service); 56 (void) pam_get_item(pamh, PAM_USER, (void **)&user); 57 58 syslog(LOG_AUTH | LOG_DEBUG, "%s pam_deny:%s(%x) for %s", 59 service ? service : "No Service Specified", mod, flags, 60 user ? user : "No User Specified"); 61 } 62 63 int 64 pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) 65 { 66 debug(pamh, flags, argc, argv, "pam_sm_authenticate"); 67 return (PAM_AUTH_ERR); 68 } 69 70 int 71 pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) 72 { 73 debug(pamh, flags, argc, argv, "pam_sm_setcred"); 74 return (PAM_CRED_ERR); 75 } 76 77 int 78 pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv) 79 { 80 debug(pamh, flags, argc, argv, "pam_sm_acct_mgmt"); 81 return (PAM_ACCT_EXPIRED); 82 } 83 84 int 85 pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) 86 { 87 debug(pamh, flags, argc, argv, "pam_sm_open_session"); 88 return (PAM_SESSION_ERR); 89 } 90 91 int 92 pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv) 93 { 94 debug(pamh, flags, argc, argv, "pam_sm_close_session"); 95 return (PAM_SESSION_ERR); 96 } 97 98 int 99 pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv) 100 { 101 debug(pamh, flags, argc, argv, "pam_sm_chauthtok"); 102 return (PAM_AUTHTOK_ERR); 103 } 104