Manual Pages  — OPENPAM_GET_FEATURE

openpam_get_feature – query the state of an optional feature

SYNOPSIS DESCRIPTION RETURN VALUES SEE ALSO STANDARDS AUTHORS

#include <sys/types.h>

#include <security/pam_appl.h>

#include <security/openpam.h>

int
openpam_get_feature(int feature, int *onoff);

This function is experimental and may be modified or removed in a future release without prior warning.

The openpam_get_feature() function stores the current state of the specified feature in the variable pointed to by its onoff argument.

The following features are recognized:

OPENPAM_RESTRICT_SERVICE_NAME
	Disallow path separators in service names. This feature is enabled by default. Disabling it allows the application to specify the path to the desired policy file directly.
OPENPAM_VERIFY_POLICY_FILE
	Verify the ownership and permissions of the policy file and the path leading up to it. This feature is enabled by default.
OPENPAM_RESTRICT_MODULE_NAME
	Disallow path separators in module names. This feature is disabled by default. Enabling it prevents the use of modules in non-standard locations.
OPENPAM_VERIFY_MODULE_FILE
	Verify the ownership and permissions of each loadable module and the path leading up to it. This feature is enabled by default.

The openpam_get_feature() function returns one of the following values:

[PAM_SUCCESS]
	Success.
[PAM_BAD_FEATURE]
	Unrecognized or restricted feature.

The openpam_get_feature() function is an OpenPAM extension.

The openpam_get_feature() function and this manual page were developed by Dag-Erling Sm/orgrav <Mt des@des.no>.