Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /*
- Based on source code from http://linux-pam.org/Linux-PAM-html/adg-example.html
- Requires a PAM configuration file in /etc/pam.d/checkuser
- # Authenticate the user
- auth required pam_unix.so
- # Ensure users account and password are still active
- account required pam_unix.so
- */
- #include <security/pam_appl.h>
- #include <security/pam_misc.h>
- #include <stdio.h>
- #include <stdbool.h>
- static const bool DEBUG = false;
- static struct pam_conv conv = {
- misc_conv, //defined in pam_misc.h
- NULL
- };
- int printError(char* msg, const int retval, pam_handle_t* handle){
- if(DEBUG){
- fprintf(stderr, msg, pam_strerror(handle, retval));
- }else{
- fprintf(stderr, "%s\n", pam_strerror(handle, retval));
- }
- return 1;
- }
- int main(int argc, char *argv[]){
- if(argc != 2) {
- fprintf(stderr, "Usage: checkuser [username]\n");
- exit(1);
- }
- pam_handle_t* handle=NULL;
- const char* user = argv[1];
- const char* service_name = "checkuser";
- int retval = pam_start(service_name, user, &conv, &handle);
- if (retval != PAM_SUCCESS) {
- return printError("Failure in pam initialization: %s\n", retval, handle);
- }
- retval = pam_authenticate(handle, 0); //ask user for passwd
- if (retval == PAM_SUCCESS) {
- retval = pam_acct_mgmt(handle, 0); //is this account allowed access?
- }
- if (retval == PAM_SUCCESS) {
- fprintf(stdout, "Auth success!\n");
- } else {
- fprintf(stdout, "Auth failure\n");
- }
- retval = pam_end(handle, retval); //terminate the pam transaction
- handle = NULL;
- return (retval == PAM_SUCCESS ? 0 : 1); // indicate success
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
