NAME    [Toc]    [Back]

     pam_acct_mgmt -- perform PAM account validation procedures

LIBRARY    [Toc]    [Back]

     PAM Library (libpam, -lpam)

SYNOPSIS    [Toc]    [Back]

     #include <sys/types.h>
     #include <security/pam_appl.h>

     int
     pam_acct_mgmt(pam_handle_t *pamh, int flags);

DESCRIPTION    [Toc]    [Back]

     The pam_acct_mgmt function verifies and enforces account restrictions
     after the user has been authenticated.

     The flags argument is the binary or of zero or more of the following values:


     PAM_SILENT          Do not emit any messages.

     PAM_DISALLOW_NULL_AUTHTOK
                         Fail if the user's authentication token is null.

     If any other bits are set, pam_acct_mgmt will return PAM_SYMBOL_ERR.

RETURN VALUES    [Toc]    [Back]

     The pam_acct_mgmt function returns one of the following values:

     [PAM_ABORT]         General failure.

     [PAM_ACCT_EXPIRED]  User accound has expired.

     [PAM_AUTH_ERR]      Authentication error.

     [PAM_BUF_ERR]       Memory buffer error.

     [PAM_CONV_ERR]      Conversation failure.

     [PAM_NEW_AUTHTOK_REQD]
                         New authentication token required.

     [PAM_PERM_DENIED]   Permission denied.

     [PAM_SERVICE_ERR]   Error in service module.

     [PAM_SYSTEM_ERR]    System error.

     [PAM_USER_UNKNOWN]  Unknown user.

SEE ALSO    [Toc]    [Back]

     pam(3), pam_strerror(3)

STANDARDS    [Toc]    [Back]

     X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules,
     June 1997.

AUTHORS    [Toc]    [Back]

     The pam_acct_mgmt function and this manual page were developed for the
     FreeBSD Project by ThinkSec AS and Network Associates Laboratories, the
     Security Research Division of Network Associates, Inc.  under
     DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the DARPA
     CHATS research program.


FreeBSD 5.2.1                    July 15, 2003                   FreeBSD 5.2.1