#include #include #include static void cleanup_caplist(pam_handle_t *, void *, int); int authenticate(char *user, char *password) { int retval; AuthInfo *ai; char **caplist; if((ai = auth_userpasswd(user, password)) == nil) return -1; if( ai->cap == NULL ){ perror("no capability"); return -1; } /* Copy the capabilities from the authinfo structure to 'caplist' */ /* save the capabilities using pam_set_data */ retval = pam_set_data(pamh, "caplist", caplist, cleanup_caplist); auth_freeAI(ai); return retval; } static void cleanup_caplist(pam_handle_t *pamh, void *data, int pam_end_status) { /* Clean up all the capabilities that have been retrieved * from the host owner's factotum on authentication. */ }