2N/A * The contents of this file are subject to the terms of the 2N/A * Common Development and Distribution License (the "License"). 2N/A * You may not use this file except in compliance with the License. 2N/A * See the License for the specific language governing permissions 2N/A * and limitations under the License. 2N/A * When distributing Covered Code, include this CDDL HEADER in each 2N/A * If applicable, add the following below this CDDL HEADER, with the 2N/A * fields enclosed by brackets "[]" replaced with your own identifying 2N/A * information: Portions Copyright [yyyy] [name of copyright owner] 2N/A * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 2N/A * Use is subject to license terms. 2N/A * pam_sm_acct_mgmt main account managment routine. 2N/A * XXX: The routine just prints out a warning message. 2N/A * It may need to force the user to change his/her 2N/A /*LINTED - set but not used. Would be used in a real module. */ 2N/A /*LINTED - set but not used. Would be used in a real module. */ 2N/A * kludge alert. su needs to be handled specially for allow policy. 2N/A * we want to use the policy of the current user not the "destination" 2N/A * user. This will enable us to prevent su to root but not to rlogin, 2N/A * telnet, rsh, ftp to root. 2N/A * description of problem: user name is the "destination" name. not 2N/A * the current name. The allow policy needs to be applied to the 2N/A * current name in the case of su. user is "root" in this case and 2N/A * we will be getting the root policy instead of the user policy. 2N/A /* catch "allow=" */ 2N/A /* catch things such as =, and ,, */ 2N/A /* force name to be initially null string */ 2N/A /* end of string? */ 2N/A /* make name into string */ 2N/A return ((*
cp ==
'\0')? (
char *)0 : ++
cp);