PNG  IHDR* pHYs+ IDATx]n#; cdLb Ǚ[at¤_:uP}>!Usă cag޿ ֵNu`ݼTâabO7uL&y^wFٝA"l[|ŲHLN밪4*sG3|Dv}?+y߉{OuOAt4Jj.u]Gz*҉sP'VQKbA1u\`& Af;HWj hsO;ogTu uj7S3/QzUr&wS`M$X_L7r2;aE+ώ%vikDA:dR+%KzƉo>eOth$z%: :{WwaQ:wz%4foɹE[9<]#ERINƻv溂E%P1i01 |Jvҗ&{b?9g=^wζXn/lK::90KwrюO\!ջ3uzuGv^;騢wq<Iatv09:tt~hEG`v;3@MNZD.1]L:{ծI3`L(÷ba")Y.iljCɄae#I"1 `3*Bdz>j<fU40⨬%O$3cGt]j%Fߠ_twJ;ABU8vP3uEԑwQ V:h%))LfraqX-ۿX]v-\9I gl8tzX ]ecm)-cgʒ#Uw=Wlێn(0hPP/ӨtQ“&J35 $=]r1{tLuǮ*i0_;NƝ8;-vݏr8+U-kruȕYr0RnC]*ެ(M:]gE;{]tg(#ZJ9y>utRDRMdr9㪩̞zֹb<ģ&wzJM"iI( .ꮅX)Qw:9,i좜\Ԛi7&N0:asϓc];=ΗOӣ APqz93 y $)A*kVHZwBƺnWNaby>XMN*45~ղM6Nvm;A=jֲ.~1}(9`KJ/V F9[=`~[;sRuk]rєT!)iQO)Y$V ی ۤmzWz5IM Zb )ˆC`6 rRa}qNmUfDsWuˤV{ Pݝ'=Kֳbg,UҘVz2ﴻnjNgBb{? ߮tcsͻQuxVCIY۠:(V뺕 ٥2;t`@Fo{Z9`;]wMzU~%UA蛚dI vGq\r82iu +St`cR.6U/M9IENDB`/* * Copyright (c) 2001-2002 Andrew Morgan * * * * This file is a list of handy libc wrappers that attempt to provide some * thread-safe and other convenient functionality to modules in a common form. * * A number of these functions reserve space in a pam_[sg]et_data item. * In all cases, the name of the item is prefixed with "pam_modutil_*". * * On systems that simply can't support thread safe programming, these * functions don't support it either - sorry. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, and the entire permission notice in its entirety, * including the disclaimer of warranties. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote * products derived from this software without specific prior * written permission. * * ALTERNATIVELY, this product may be distributed under the terms of * the GNU Public License, in which case the provisions of the GPL are * required INSTEAD OF the above restrictions. (This clause is * necessary due to a potential bad interaction between the GPL and * the restrictions contained in a BSD-style copyright.) * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef _SECURITY__PAM_MODUTIL_H #define _SECURITY__PAM_MODUTIL_H #include #include #include #include #ifdef __cplusplus extern "C" { #endif #include extern struct passwd * PAM_NONNULL((1,2)) pam_modutil_getpwnam(pam_handle_t *pamh, const char *user); extern struct passwd * PAM_NONNULL((1)) pam_modutil_getpwuid(pam_handle_t *pamh, uid_t uid); extern struct group * PAM_NONNULL((1,2)) pam_modutil_getgrnam(pam_handle_t *pamh, const char *group); extern struct group * PAM_NONNULL((1)) pam_modutil_getgrgid(pam_handle_t *pamh, gid_t gid); extern struct spwd * PAM_NONNULL((1,2)) pam_modutil_getspnam(pam_handle_t *pamh, const char *user); extern int PAM_NONNULL((1,2,3)) pam_modutil_user_in_group_nam_nam(pam_handle_t *pamh, const char *user, const char *group); extern int PAM_NONNULL((1,2)) pam_modutil_user_in_group_nam_gid(pam_handle_t *pamh, const char *user, gid_t group); extern int PAM_NONNULL((1,3)) pam_modutil_user_in_group_uid_nam(pam_handle_t *pamh, uid_t user, const char *group); extern int PAM_NONNULL((1)) pam_modutil_user_in_group_uid_gid(pam_handle_t *pamh, uid_t user, gid_t group); extern const char * PAM_NONNULL((1)) pam_modutil_getlogin(pam_handle_t *pamh); extern int pam_modutil_read(int fd, char *buffer, int count); extern int pam_modutil_write(int fd, const char *buffer, int count); extern int PAM_NONNULL((1,3)) pam_modutil_audit_write(pam_handle_t *pamh, int type, const char *message, int retval); struct pam_modutil_privs { gid_t *grplist; int number_of_groups; int allocated; gid_t old_gid; uid_t old_uid; int is_dropped; }; #define PAM_MODUTIL_NGROUPS 64 #define PAM_MODUTIL_DEF_PRIVS(n) \ gid_t n##_grplist[PAM_MODUTIL_NGROUPS]; \ struct pam_modutil_privs n = { n##_grplist, PAM_MODUTIL_NGROUPS, 0, -1, -1, 0 } extern int PAM_NONNULL((1,2,3)) pam_modutil_drop_priv(pam_handle_t *pamh, struct pam_modutil_privs *p, const struct passwd *pw); extern int PAM_NONNULL((1,2)) pam_modutil_regain_priv(pam_handle_t *pamh, struct pam_modutil_privs *p); enum pam_modutil_redirect_fd { PAM_MODUTIL_IGNORE_FD, /* do not redirect */ PAM_MODUTIL_PIPE_FD, /* redirect to a pipe */ PAM_MODUTIL_NULL_FD, /* redirect to /dev/null */ }; /* redirect standard descriptors, close all other descriptors. */ extern int PAM_NONNULL((1)) pam_modutil_sanitize_helper_fds(pam_handle_t *pamh, enum pam_modutil_redirect_fd redirect_stdin, enum pam_modutil_redirect_fd redirect_stdout, enum pam_modutil_redirect_fd redirect_stderr); #ifdef __cplusplus } #endif #endif /* _SECURITY__PAM_MODUTIL_H */