[ Bottom of Page | Previous Page | Next Page | Contents | Index | Library Home |
Legal |
Search ]
Technical Reference: Base Operating System and Extensions, Volume 1
ckuseracct Subroutine
Purpose
Checks the validity of a user account.
Library
Security Library (libc.a)
Syntax
#include <login.h>
int ckuseracct ( Name, Mode, TTY)
char *Name;
int Mode;
char *TTY;
Description
Note
This subroutine is obsolete and is provided only for backwards
compatibility. Use the loginrestrictions subroutine,
which performs a superset of the functions of the ckuseracct subroutine, instead.
The ckuseracct subroutine checks
the validity of the user account specified by the Name parameter. The Mode parameter gives the mode
of the account usage, and the TTY parameter defines
the terminal being used for the access. The ckuseracct
subroutine checks for the following conditions:
- Account existence
- Account expiration
The Mode parameter specifies
other mode-specific checks.
Parameters
Name |
Specifies the login name of the user whose account is to be validated. |
Mode |
Specifies the manner of usage. Valid values as defined in the login.h file are listed below. The Mode parameter must be one of these or 0:
- S_LOGIN
- Verifies that local logins are permitted for this account.
- S_SU
- Verifies that the su command is permitted and
that the current process has a group ID that can invoke the su command to switch to the account.
- S_DAEMON
- Verifies the account can be used to invoke daemon or batch programs
using the src or cron subsystems.
- S_RLOGIN
- Verifies the account can be used for remote logins using the rlogind or telnetd programs.
|
TTY |
Specifies the terminal of the originating activity. If this parameter
is a null pointer or a null string, no TTY origin checking is done. |
Security
Mode |
File |
r |
/etc/passwd |
r |
/etc/security/user |
Return Values
If the account is valid for the specified usage, the ckuseracct subroutine returns a value of 0. Otherwise, a
value of -1 is returned and the errno global variable
is set to the appropriate error code.
Error Codes
The ckuseracct subroutine fails
if one or more of the following are true:
ENOENT |
The user specified in the Name parameter
does not have an account. |
ESTALE |
The user's account is expired. |
EACCES |
The specified terminal does not have access to the specified account. |
EACCES |
The Mode parameter is S_SU, and the current process is not permitted to use the su command to access the specified user. |
EACCES |
Access to the account is not permitted in the specified Mode. |
EINVAL |
The Mode parameter is not one of S_LOGIN, S_SU, S_DAEMON, S_RLOGIN. |
Related Information
The ckuserID (ckuserID Subroutine)
subroutine, getpcred (getpcred Subroutine) subroutine, getpenv (getpenv Subroutine) subroutine, setpcred subroutine, setpenv subroutine.
The login command, rlogin
command, su command, telnet command.
The cron
daemon.
List of Security and Auditing
Subroutines and Subroutines Overview in AIX 5L Version 5.2 General Programming Concepts: Writing and Debugging Programs.
[ Top of Page | Previous Page | Next Page | Contents | Index | Library Home |
Legal |
Search ]