2 * Copyright Elliot Lee, 1996. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, and the entire permission notice in its entirety,
9 * including the disclaimer of warranties.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. The name of the author may not be used to endorse or promote
14 * products derived from this software without specific prior
17 * ALTERNATIVELY, this product may be distributed under the terms of
18 * the GNU Public License, in which case the provisions of the GPL are
19 * required INSTEAD OF the above restrictions. (This clause is
20 * necessary due to a potential bad interaction between the GPL and
21 * the restrictions contained in a BSD-style copyright.)
23 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
24 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
25 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
26 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
27 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
28 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
29 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
31 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
33 * OF THE POSSIBILITY OF SUCH DAMAGE.
36 /* pam_unix_acct.c module, different track */
40 # include <features.h>
48 #include <sys/types.h>
56 #define PAM_SM_ACCOUNT
59 # include <security/pam_appl.h>
62 #define _PAM_EXTERN_FUNCTIONS
63 #include <security/pam_modules.h>
66 int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
67 int argc, const char **argv)
78 retval = pam_get_item(pamh,PAM_USER,(const void **)&uname);
79 if(retval != PAM_SUCCESS || uname == NULL) {
80 return PAM_SUCCESS; /* Couldn't get username, just ignore this
81 (i.e. they don't have any expiry info available */
83 pwent = getpwnam(uname);
85 return PAM_USER_UNKNOWN;
86 if(strcmp(pwent->pw_passwd,"x"))
87 return PAM_SUCCESS; /* They aren't using shadow passwords & expiry
89 spent = getspnam(uname);
91 return PAM_SUCCESS; /* Couldn't get username from shadow, just ignore this
92 (i.e. they don't have any expiry info available */
93 curdays = time(NULL)/(60*60*24);
94 if((curdays > (spent->sp_lstchg + spent->sp_max + spent->sp_inact))
95 && (spent->sp_max != -1) && (spent->sp_inact != -1))
96 return PAM_ACCT_EXPIRED;
97 if((curdays > spent->sp_expire) && (spent->sp_expire != -1))
98 return PAM_ACCT_EXPIRED;
106 /* static module data */
108 struct pam_module _pam_unix_acct_modstruct = {