pam_acct_mgmt(3)	perform PAM account validation procedures
pam, pam_acct_mgmt, pam_authenticate, pam_chauthtok, pam_close_session, pam_end, pam_get_data, pam_get_item, pam_get_user, pam_getenv, pam_getenvlist, pam_open_session, pam_putenv, pam_set_data, pam_set_item, pam_setcred, pam_start, pam_strerror(3)	Pluggable Authentication Modules Library

NAME

pam_acct_mgmt — perform PAM account validation procedures

SYNOPSIS

#include <sys/types.h>
#include <security/pam_appl.h>

int
pam_acct_mgmt(pam_handle_t *pamh, int flags);

DESCRIPTION

The pam_acct_mgmt() function verifies and enforces account restrictions after the user has been authenticated.

The flags argument is the binary or of zero or more of the following values:

PAM_SILENT: Do not emit any messages.
PAM_DISALLOW_NULL_AUTHTOK: Fail if the user's authentication token is null.

If any other bits are set, pam_acct_mgmt() will return PAM_SYMBOL_ERR.

RETURN VALUES

The pam_acct_mgmt() function returns one of the following values:

[PAM_SUCCESS]: Success.
[PAM_ABORT]: General failure.
[PAM_ACCT_EXPIRED]: User account has expired.
[PAM_AUTH_ERR]: Authentication error.
[PAM_BUF_ERR]: Memory buffer error.
[PAM_CONV_ERR]: Conversation failure.
[PAM_NEW_AUTHTOK_REQD]: New authentication token required.
[PAM_PERM_DENIED]: Permission denied.
[PAM_SERVICE_ERR]: Error in service module.
[PAM_SYSTEM_ERR]: System error.
[PAM_USER_UNKNOWN]: Unknown user.

STANDARDS

X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules, June 1997.

AUTHORS

The pam_acct_mgmt() function and this manual page were developed for the FreeBSD Project by ThinkSec AS and Network Associates Laboratories, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS research program.

The OpenPAM library is maintained by Dag-Erling Smørgrav <des@des.no>.