pam_acct_mgmt(3)pam_acct_mgmt(3)NAMEpam_acct_mgmt - perform PAM account validation procedures
SYNOPSIS
cc [ flag ... ] file ... -lpam [ library ... ]
#include <security/pam_appl.h>
int pam_acct_mgmt(pam_handle_t *pamh, int flags);
DESCRIPTION
The function pam_acct_mgmt() is called to determine if the current
user's account is valid. This includes checking for password and
account expiration, as well as verifying access hour restrictions.
This function is typically called after the user has been authenticated
with pam_authenticate(3).
The pamh argument is an authentication handle obtained by a prior call
to pam_start(). The following flags may be set in the flags field:
PAM_SILENT The account management ser‐
vice should not generate any
messages
PAM_DISALLOW_NULL_AUTHTOK The account management ser‐
vice should return PAM_AUTH‐
TOKEN_REQUIRED if the user
has a null authentication
token
RETURN VALUES
Upon successful completion, PAM_SUCCESS is returned. In addition to
the error return values described in pam(3), the following values may
be returned:
PAM_USER_UNKNOWN User not known to underlying account
management module
PAM_AUTH_ERR Authentication failure
PAM_AUTHTOKEN_REQD New authentication token required.
This is normally returned if the
machine security policies require that
the password should be changed because
the password is NULL or it has aged.
PAM_ACCT_EXPIRED User account has expired
SEE ALSOpam(3), pam_start(3), pam_authenticate(3)
12 September 1995 pam_acct_mgmt(3)