seclib_passqual(3C) seclib_passqual(3C)
NAME
seclibpassqual - supplemental checking of a user password entry
SYNOPSIS
cc ... -lseclib
#include <seclib.h>
enum seclibreturnval
seclibpassqual(enum secqualoptions, struct logincontext *);
DESCRIPTION
The Password Qualifier Group is responsible for supplemental checking
of a user password entry. It will check:
- SECQEXPIRE
the user must not have an expired login
- SECQIDLE
the user must not have been idle too long
- SECQINVPASS
the user must not have a locked or invalid password
- SECQCKGROUP (CSP feature)
a user must be a member of their group
- SECQCKRGROUP (CSP feature)
a user must be a member of the root group if he attempts to login
or su to root
- SECQPASSREQ (CSP feature)
the user must not have a null password
ARGUMENTS
secqualoptions
A bitmask that directs the function to enable particular
features. The complete list of values in the bitmask may be found
in the seclib.h header.
logincontext
A value as returned by secliblogincontext(). The structure
referenced by this pointer contains all of the session informa-
tion required to authenticate a user via the security library.
Page 1 Reliant UNIX 5.44 Printed 11/98
seclib_passqual(3C) seclib_passqual(3C)
RETURN VALUE
The functions return the seclibreturnval enumeration. The functions
will return:
SECROK
The function completed processing without encountering a system
error.
NOTE: the function will return SECROK even if it sets
context->reason to a failure value.
SECRCALLFAILED
The function call failed. This is usually because a system call
failed (such as a malloc() failing when a brk() call returned
with an error).
SECRBADOPTION
The function was called with an invalid argument.
SEE ALSO
seclib(3C), secliblogincontext(3C), seclibmisc(3C),
seclibpassentry(3C), seclibpasswd(3C), seclibruserok(3C),
seclibsecterm(3C), seclibtwindows(3C).
Page 2 Reliant UNIX 5.44 Printed 11/98