PAM_ACCT_MGMT(3)         BSD Library Functions Manual         PAM_ACCT_MGMT(3)

NAME
     pam_acct_mgmt -- perform PAM account validation procedures

LIBRARY
     Pluggable Authentication Module Library (libpam, -lpam)

SYNOPSIS
     #include <sys/types.h>
     #include <security/pam_appl.h>

     int
     pam_acct_mgmt(pam_handle_t *pamh, int flags);

DESCRIPTION
     The pam_acct_mgmt function verifies and enforces account restrictions
     after the user has been authenticated.

     The flags argument is the binary or of zero or more of the following val-
     ues:

     PAM_SILENT          Do not emit any messages.

     PAM_DISALLOW_NULL_AUTHTOK
                         Fail if the user's authentication token is null.

     If any other bits are set, pam_acct_mgmt will return PAM_SYMBOL_ERR.

RETURN VALUES
     The pam_acct_mgmt function returns one of the following values:

     [PAM_ABORT]         General failure.

     [PAM_ACCT_EXPIRED]  User account has expired.

     [PAM_AUTH_ERR]      Authentication error.

     [PAM_BUF_ERR]       Memory buffer error.

     [PAM_CONV_ERR]      Conversation failure.

     [PAM_NEW_AUTHTOK_REQD]
                         New authentication token required.

     [PAM_PERM_DENIED]   Permission denied.

     [PAM_SERVICE_ERR]   Error in service module.

     [PAM_SYSTEM_ERR]    System error.

     [PAM_USER_UNKNOWN]  Unknown user.

SEE ALSO
     pam(3), pam_strerror(3)

STANDARDS
     X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules,
     June 1997.

AUTHORS
     The pam_acct_mgmt function and this manual page were developed for the
     FreeBSD Project by ThinkSec AS and Network Associates Laboratories, the
     Security Research Division of Network Associates, Inc. under DARPA/SPAWAR
     contract N66001-01-C-8035 (``CBOSS''), as part of the DARPA CHATS
     research program.

BSD                            December 21, 2007                           BSD