49 lines
1.6 KiB
C
49 lines
1.6 KiB
C
#ifndef PAM_AUTH_H
|
|
#define PAM_AUTH_H
|
|
|
|
#include <security/pam_appl.h>
|
|
|
|
typedef struct pam_ui_s {
|
|
void (*info)(const char *msg, void *user);
|
|
void (*error)(const char *msg, void *user);
|
|
void *user_ctx;
|
|
} pam_ui_t;
|
|
|
|
typedef struct {
|
|
pam_handle_t *pamh;
|
|
int session_opened; /* 1 if pam_open_session was called successfully */
|
|
} pam_session_t;
|
|
|
|
/* Full login path: authenticate + acct_mgmt (+chauthtok) + setcred + open_session (if open_session!=0)
|
|
tty_opt/xdisplay_opt are forwarded as PAM items; env is exported via pam_export_env().
|
|
Returns PAM_* code (PAM_SUCCESS on success). */
|
|
int pam_begin(const char *service,
|
|
const char *username,
|
|
const char *password,
|
|
const char *tty_opt,
|
|
const char *xdisplay_opt,
|
|
const pam_ui_t *ui,
|
|
int open_session,
|
|
pam_session_t *out);
|
|
|
|
/* Open a GREETER session only (no auth). Must be called in a process whose loginuid is unset.
|
|
Sets PAM_TTY and populates PAM env (XDG_SESSION_CLASS=greeter, XDG_SEAT, XDG_VTNR) before pam_open_session.
|
|
Returns PAM_* code. */
|
|
int pam_open_greeter_session(const char *service,
|
|
const char *tty_opt,
|
|
const char *xdisplay_opt,
|
|
const pam_ui_t *ui,
|
|
pam_session_t *out);
|
|
|
|
/* Export PAM env into current process. */
|
|
void pam_export_env(pam_session_t *ps);
|
|
|
|
/* Close session if opened; delete creds; end PAM. Safe to call multiple times. */
|
|
void pam_end_session(pam_session_t *ps);
|
|
|
|
/* Pretty for logs; never NULL. */
|
|
const char *pam_errstr(int code);
|
|
|
|
#endif
|
|
|