pam_acct_mgmt
Name
pam_acct_mgmt -- establish the status of a user's account
Synopsis
#include <security/pam_appl.h> |
int
pam_acct_mgmt
(pam_handle_t *
pamh, int
flags);
Description
pam_acct_mgmt() establishes the account's usability
and the user's accessibility to the system. It is typically called
after the user has been authenticated.
flags may be specified as any valid flag (namely,
one of those applicable to the flags argument of
pam_authenticate()). Additionally, the value of
flags may be logically or'd
with PAM_SILENT
.
Return Value
PAM_SUCCESS | | Success. |
PAM_NEW_AUTHTOK_REQD | | User is valid, but user's authentication token has expired.
The correct response to this return-value is to require that the
user satisfy the pam_chauthtok() function before
obtaining service. It may not be possible for an application to do
this. In such a case, the user should be denied access until the
account password is updated. |
PAM_ACCT_EXPIRED | | User is no longer permitted access to the system. |
PAM_AUTH_ERR | | Authentication error. |
PAM_PERM_DENIED | | User is not permitted to gain access at this time. |
PAM_USER_UNKNOWN | | User is not known to a module's account management component. |
Note: Errors may be translated to text with pam_strerror().