NAME
openpam_subst —
substitute PAM item
values in a string
SYNOPSIS
#include <sys/types.h>
#include <security/pam_appl.h>
#include <security/openpam.h>
int
openpam_subst(
const
pam_handle_t *pamh,
char
*buf,
size_t
*bufsize,
const char
*template);
DESCRIPTION
The
openpam_subst() function expands a string, substituting
PAM item values for all occurrences of specific substitution codes. The
template argument points to the initial string. The
result is stored in the buffer pointed to by the
buf
argument; the
bufsize argument specifies the size of
that buffer. The actual size of the resulting string, including the
terminating NUL character, is stored in the location pointed to by the
bufsize argument.
If
buf is NULL, or if the buffer is too small to hold the
expanded string,
bufsize is updated to reflect the
amount of space required to hold the entire string, and
openpam_subst() returns
PAM_TRY_AGAIN
.
If
openpam_subst() fails for any other reason, the
bufsize argument is untouched, but part of the buffer
may still have been overwritten.
Substitution codes are introduced by a percent character and correspond to PAM
items:
-
-
- %H
- Replaced by the current value of the
PAM_RHOST
item.
-
-
- %h
- Replaced by the current value of the
PAM_HOST
item.
-
-
- %s
- Replaced by the current value of the
PAM_SERVICE
item.
-
-
- %t
- Replaced by the current value of the
PAM_TTY
item.
-
-
- %U
- Replaced by the current value of the
PAM_RUSER
item.
-
-
- %u
- Replaced by the current value of the
PAM_USER
item.
RETURN VALUES
The
openpam_subst() function returns one of the following
values:
-
-
- [
PAM_SUCCESS
]
- Success.
-
-
- [
PAM_BAD_ITEM
]
- Unrecognized or restricted item.
-
-
- [
PAM_TRY_AGAIN
]
- Try again.
SEE ALSO
pam(3),
pam_get_authtok(3),
pam_get_item(3),
pam_get_user(3),
pam_strerror(3)
STANDARDS
The
openpam_subst() function is an OpenPAM extension.
AUTHORS
The
openpam_subst() function and this manual page were
developed by
Dag-Erling Smørgrav
<
des@des.no>.