1*10b5fe87SSascha Wildner /*- 2*10b5fe87SSascha Wildner * Copyright (c) 2012-2015 Dag-Erling Smørgrav 3*10b5fe87SSascha Wildner * All rights reserved. 4*10b5fe87SSascha Wildner * 5*10b5fe87SSascha Wildner * Redistribution and use in source and binary forms, with or without 6*10b5fe87SSascha Wildner * modification, are permitted provided that the following conditions 7*10b5fe87SSascha Wildner * are met: 8*10b5fe87SSascha Wildner * 1. Redistributions of source code must retain the above copyright 9*10b5fe87SSascha Wildner * notice, this list of conditions and the following disclaimer. 10*10b5fe87SSascha Wildner * 2. Redistributions in binary form must reproduce the above copyright 11*10b5fe87SSascha Wildner * notice, this list of conditions and the following disclaimer in the 12*10b5fe87SSascha Wildner * documentation and/or other materials provided with the distribution. 13*10b5fe87SSascha Wildner * 3. The name of the author may not be used to endorse or promote 14*10b5fe87SSascha Wildner * products derived from this software without specific prior written 15*10b5fe87SSascha Wildner * permission. 16*10b5fe87SSascha Wildner * 17*10b5fe87SSascha Wildner * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18*10b5fe87SSascha Wildner * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19*10b5fe87SSascha Wildner * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20*10b5fe87SSascha Wildner * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21*10b5fe87SSascha Wildner * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22*10b5fe87SSascha Wildner * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23*10b5fe87SSascha Wildner * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24*10b5fe87SSascha Wildner * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25*10b5fe87SSascha Wildner * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26*10b5fe87SSascha Wildner * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27*10b5fe87SSascha Wildner * SUCH DAMAGE. 28*10b5fe87SSascha Wildner * 29*10b5fe87SSascha Wildner * $OpenPAM: openpam_features.c 938 2017-04-30 21:34:42Z des $ 30*10b5fe87SSascha Wildner */ 31*10b5fe87SSascha Wildner 32*10b5fe87SSascha Wildner #ifdef HAVE_CONFIG_H 33*10b5fe87SSascha Wildner # include "config.h" 34*10b5fe87SSascha Wildner #endif 35*10b5fe87SSascha Wildner 36*10b5fe87SSascha Wildner #include <security/pam_appl.h> 37*10b5fe87SSascha Wildner 38*10b5fe87SSascha Wildner #include "openpam_impl.h" 39*10b5fe87SSascha Wildner 40*10b5fe87SSascha Wildner #define STRUCT_OPENPAM_FEATURE(name, descr, dflt) \ 41*10b5fe87SSascha Wildner [OPENPAM_##name] = { \ 42*10b5fe87SSascha Wildner "OPENPAM_" #name, \ 43*10b5fe87SSascha Wildner descr, \ 44*10b5fe87SSascha Wildner dflt \ 45*10b5fe87SSascha Wildner } 46*10b5fe87SSascha Wildner 47*10b5fe87SSascha Wildner struct openpam_feature openpam_features[OPENPAM_NUM_FEATURES] = { 48*10b5fe87SSascha Wildner STRUCT_OPENPAM_FEATURE( 49*10b5fe87SSascha Wildner RESTRICT_SERVICE_NAME, 50*10b5fe87SSascha Wildner "Disallow path separators in service names", 51*10b5fe87SSascha Wildner 1 52*10b5fe87SSascha Wildner ), 53*10b5fe87SSascha Wildner STRUCT_OPENPAM_FEATURE( 54*10b5fe87SSascha Wildner VERIFY_POLICY_FILE, 55*10b5fe87SSascha Wildner "Verify ownership and permissions of policy files", 56*10b5fe87SSascha Wildner 1 57*10b5fe87SSascha Wildner ), 58*10b5fe87SSascha Wildner STRUCT_OPENPAM_FEATURE( 59*10b5fe87SSascha Wildner RESTRICT_MODULE_NAME, 60*10b5fe87SSascha Wildner "Disallow path separators in module names", 61*10b5fe87SSascha Wildner 0 62*10b5fe87SSascha Wildner ), 63*10b5fe87SSascha Wildner STRUCT_OPENPAM_FEATURE( 64*10b5fe87SSascha Wildner VERIFY_MODULE_FILE, 65*10b5fe87SSascha Wildner "Verify ownership and permissions of module files", 66*10b5fe87SSascha Wildner 1 67*10b5fe87SSascha Wildner ), 68*10b5fe87SSascha Wildner STRUCT_OPENPAM_FEATURE( 69*10b5fe87SSascha Wildner FALLBACK_TO_OTHER, 70*10b5fe87SSascha Wildner "Fall back to \"other\" policy for empty chains", 71*10b5fe87SSascha Wildner 1 72*10b5fe87SSascha Wildner ), 73*10b5fe87SSascha Wildner }; 74