NAME [Toc] [Back]
pam_acct_mgmt - perform PAM account validation procedures
SYNOPSIS [Toc] [Back]
cc [ flag ... ] file ... -lpam [ library ... ]
int pam_acct_mgmt(pam_handle_t *pamh, int flags);
DESCRIPTION [Toc] [Back]
The function pam_acct_mgmt() is called to determine if the current
user's account is valid. This includes checking for password and
account expiration, as well as verifying access hour restrictions and
terminal access restrictions for trusted mode. This function is
typically called after the user has been authenticated with
The pamh argument is an authentication handle obtained by a prior call
to pam_start(). The following flags may be set in the flags field:
PAM_SILENT [Toc] [Back]
The account management service should not generate any
PAM_DISALLOW_NULL_AUTHTOK [Toc] [Back]
The account management service should return
PAM_AUTHTOKEN_REQD if the user has a null authentication
APPLICATION USAGE [Toc] [Back]
Refer to pam(3) for information on thread-safety of PAM interfaces.
RETURN VALUES [Toc] [Back]
Upon successful completion, PAM_SUCCESS is returned. In addition to
the error return values described in pam(3), the following values may
PAM_USER_UNKNOWN User not known to underlying account
PAM_AUTH_ERR Authentication failure.
PAM_AUTHTOKEN_REQD New authentication token required. This is
normally returned if the machine security
policies require that the password should
be changed because the password is NULL or
it has aged.
PAM_ACCT_EXPIRED User account has expired.
Hewlett-Packard Company - 1 - HP-UX 11i Version 2: August 2003
PAM_ACCT_DISABLED User account has been disabled (trusted
PAM_TERM_DISABLED Terminal has been disabled (trusted mode
PAM_NOT_AUTHORIZED User is not authorized for terminal access
(trusted mode only).
PAM_NOT_RTIME Wrong time to login (trusted mode only).
SEE ALSO [Toc] [Back]
pam(3), pam_start(3), pam_authenticate(3).
Hewlett-Packard Company - 2 - HP-UX 11i Version 2: August 2003 [ Back ]