Hallo, dies ist ein Test.

PWD: /www/data-lst1/unixsoft/unixsoft/kaempfer/.public_html

Running in File Mode
Relative path: ././../../../../../../usr/man/man3pam/pam_acct_mgmt.3pam
Real path: /usr/share/man/man3pam/pam_acct_mgmt.3pam
Zurück

'\" te
.\" Copyright (c) 1998, 2023, Oracle and/or its affiliates.
.TH pam_acct_mgmt 3PAM "15 Mar 2023" "Oracle Solaris 11.4" "PAM Library Functions"
.SH NAME
pam_acct_mgmt \- perform PAM account validation
procedures
.SH SYNOPSIS

.LP
.nf
\fBcc\fR [ \fIflag\fR ... ] \fIfile\fR ... \fB-lpam\fR [ \fIlibrary\fR ... ]
#include <security/pam_appl.h>

\fBint\fR \fBpam_acct_mgmt\fR(\fBpam_handle_t *\fR\fIpamh\fR, \fBint\fR \fIflags\fR);
.fi
.SH DESCRIPTION
.sp
.LP
The \fBpam_acct_mgmt()\fR function is called to determine if the current authenticated user's account is valid. This includes the following checks:
.RS +4
.TP
.ie t \(bu
.el o
Password expiry

.RE
.RS +4
.TP
.ie t \(bu
.el o
If the password needs to be changed

.RE
.RS +4
.TP
.ie t \(bu
.el o
Account expiry

.RE
.RS +4
.TP
.ie t \(bu
.el o
Account inactivity

.RE
.RS +4
.TP
.ie t \(bu
.el o
If the account is locked

.RE
.RS +4
.TP
.ie t \(bu
.el o
The \fB/etc/nologin\fR file is not present, unless the user has a uid of 0, has the root role, or is assigned the \fBsolaris.system.maintenance\fR authorization (see \fBnologin\fR(5))

.RE
.sp
.LP
The \fBpam_acct_mgmt()\fR function is typically called after the user has been authenticated with \fBpam_authenticate\fR(3PAM).
.sp
.LP
The \fIpamh\fR argument is an authentication handle obtained by a prior call to \fBpam_start()\fR. The following flags may be set in the \fIflags\fR field: 
.sp
.ne 2
.mk
.na
\fB\fBPAM_SILENT\fR\fR
.ad
.RS 29n
.rt
The account management service should not generate any messages.
.RE

.sp
.ne 2
.mk
.na
\fB\fBPAM_DISALLOW_NULL_AUTHTOK\fR\fR
.ad
.RS 29n
.rt
The account management service should return \fBPAM_NEW_AUTHTOK_REQD\fR if the user has a null authentication token.
.RE

.SH RETURN VALUES
.sp
.LP
Upon successful completion, \fBPAM_SUCCESS\fR is returned. In addition to the error return values described in \fBpam\fR(3PAM), the following values may be returned:
.sp
.ne 2
.mk
.na
\fB\fBPAM_USER_UNKNOWN\fR\fR
.ad
.RS 24n
.rt
User not known to underlying account management module.
.RE

.sp
.ne 2
.mk
.na
\fB\fBPAM_AUTH_ERR\fR\fR
.ad
.RS 24n
.rt
Authentication failure.
.RE

.sp
.ne 2
.mk
.na
\fB\fBPAM_NEW_AUTHTOK_REQD\fR\fR
.ad
.RS 24n
.rt
New authentication token required. This is normally returned if the machine security policies require that the password should be changed because the password is null or has aged.
.RE

.sp
.ne 2
.mk
.na
\fB\fBPAM_ACCT_EXPIRED\fR\fR
.ad
.RS 24n
.rt
User account has expired.
.RE

.sp
.ne 2
.mk
.na
\fB\fBPAM_LOGINS_DISABLED\fR\fR
.ad
.RS 24n
.rt
Logins for non-root/maintenance users are disabled due to the presence of the \fB/etc/nologin\fR file. See \fBnologin\fR(5).
.RE

.SH ATTRIBUTES
.sp
.LP
See \fBattributes\fR(7) for descriptions of the following attributes:
.sp
.TS
tab(
) box;
cw(2.75i) |cw(2.75i) 
lw(2.75i) |lw(2.75i) 
.
ATTRIBUTE TYPE
ATTRIBUTE VALUE
_
Interface Stability
Committed
_
MT-Level
MT-Safe with exceptions
.TE
.sp
.sp
.LP
The interfaces in \fBlibpam\fR are MT-Safe only if each thread within the multithreaded application uses its own \fBPAM\fR handle.
.SH SEE ALSO
.sp
.LP
\fBlibpam\fR(3LIB), \fBpam\fR(3PAM), \fBpam_authenticate\fR(3PAM), \fBpam_start\fR(3PAM), \fBnologin\fR(5), \fBattributes\fR(7)
.SH HISTORY
.sp
.LP
Support for checking for \fB/etc/nologin\fR in \fBpam_acct_mgmt()\fR and the \fBPAM_LOGINS_DISABLED\fR return value was added in Solaris 11.2.0.
.sp
.LP
The \fBpam_acct_mgmt()\fR function was introduced in Solaris 2.6.