Sophie

Sophie

distrib > Mandriva > 8.1 > i586 > by-pkgid > a46cbe42e0ff9f3a2a3ed9d4555310d0 > files > 29

pam-doc-0.75-7mdk.i586.rpm

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
 <META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
 <TITLE>The Linux-PAM Application Developers' Guide: An example application</TITLE>
 <LINK HREF="pam_appl-9.html" REL=next>
 <LINK HREF="pam_appl-7.html" REL=previous>
 <LINK HREF="pam_appl.html#toc8" REL=contents>
</HEAD>
<BODY>
<A HREF="pam_appl-9.html">Next</A>
<A HREF="pam_appl-7.html">Previous</A>
<A HREF="pam_appl.html#toc8">Contents</A>
<HR>
<H2><A NAME="s8">8. An example application</A></H2>

<P>To get a flavor of the way a <CODE>Linux-PAM</CODE> application is written we
include the following example. It prompts the user for their password
and indicates whether their account is valid on the standard output,
its return code also indicates the success (<CODE>0</CODE> for success; <CODE>1</CODE>
for failure).
<P>
<P>
<BLOCKQUOTE><CODE>
<PRE>
/*
  This program was contributed by Shane Watts
  [modifications by AGM]

  You need to add the following (or equivalent) to the /etc/pam.conf file.
  # check authorization
  check_user   auth       required     /usr/lib/security/pam_unix_auth.so
  check_user   account    required     /usr/lib/security/pam_unix_acct.so
 */

#include &lt;security/pam_appl.h>
#include &lt;security/pam_misc.h>
#include &lt;stdio.h>

static struct pam_conv conv = {
    misc_conv,
    NULL
};

int main(int argc, char *argv[])
{
    pam_handle_t *pamh=NULL;
    int retval;
    const char *user="nobody";

    if(argc == 2) {
        user = argv[1];
    }

    if(argc > 2) {
        fprintf(stderr, "Usage: check_user [username]\n");
        exit(1);
    }

    retval = pam_start("check_user", user, &amp;conv, &amp;pamh);
        
    if (retval == PAM_SUCCESS)
        retval = pam_authenticate(pamh, 0);    /* is user really user? */

    if (retval == PAM_SUCCESS)
        retval = pam_acct_mgmt(pamh, 0);       /* permitted access? */

    /* This is where we have been authorized or not. */

    if (retval == PAM_SUCCESS) {
        fprintf(stdout, "Authenticated\n");
    } else {
        fprintf(stdout, "Not Authenticated\n");
    }

    if (pam_end(pamh,retval) != PAM_SUCCESS) {     /* close Linux-PAM */
        pamh = NULL;
        fprintf(stderr, "check_user: failed to release authenticator\n");
        exit(1);
    }

    return ( retval == PAM_SUCCESS ? 0:1 );       /* indicate success */
}
</PRE>
</CODE></BLOCKQUOTE>
<P>
<HR>
<A HREF="pam_appl-9.html">Next</A>
<A HREF="pam_appl-7.html">Previous</A>
<A HREF="pam_appl.html#toc8">Contents</A>
</BODY>
</HTML>

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional