pam_acct_mgmt() — perform PAM account validation procedures
[ flag ... ] file ...
[ library ... ]
int pam_acct_mgmt(pam_handle_t *pamh,
is called to determine if the current user's account is
valid. This includes checking for password expiration,
account expiration, account locks and access hour restrictions.
This function is typically called after the user has been authenticated
is an authentication handle obtained by a prior call to
The following flags may be set in the
The account management service should not generate any messages
The account management service should return
if the user has a null authentication token.
for information on thread-safety of PAM interfaces.
Upon successful completion,
In addition to the error return values described in
the following values may be returned:
User not known to underlying account management module.
Access permission is denied.
New authentication token required. This is normally returned if the machine
security policies require that the password should be changed because
the password is NULL or it has aged.
User account has expired.
User account has been disabled (trusted mode only).
Terminal has been disabled (trusted mode only).
User is not authorized for terminal access (trusted mode only).
Wrong time to login (trusted mode only).
HP-UX 11i Version 3 is the last release to support
trusted systems functionality.