PAM_ACCT_MGMT(3) Library Functions Manual PAM_ACCT_MGMT(3)

pam_acct_mgmtperform PAM account validation procedures

Pluggable Authentication Module Library (libpam, -lpam)

#include <sys/types.h>
#include <security/pam_appl.h>

pam_acct_mgmt(pam_handle_t *pamh, int flags);

The pam_acct_mgmt function verifies and enforces account restrictions after the user has been authenticated.

The flags argument is the binary or of zero or more of the following values:

Do not emit any messages.
Fail if the user's authentication token is null.

If any other bits are set, pam_acct_mgmt will return PAM_SYMBOL_ERR.

The pam_acct_mgmt function returns one of the following values:

General failure.
User account has expired.
Authentication error.
Memory buffer error.
Conversation failure.
New authentication token required.
Permission denied.
Error in service module.
System error.
Unknown user.

pam(3), pam_strerror(3)

X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules, June 1997.

The pam_acct_mgmt function and this manual page were developed for the FreeBSD Project by ThinkSec AS and Network Associates Laboratories, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS research program.

December 21, 2007 macOS 14.4