group
group__libshare__syspam
Provides capabilities for managing user accounts.

Permission Access Management

typedef
typedef struct shseed_t shseed_t
typedef
typedef struct shadow_t shadow_t
function
uint64_t shpam_uid
(char *username)
A unique reference to a share account.
function
shkey_t* shpam_ident_gen
(uint64_t uid, shpeer_t *peer)
An identity key referencing an account for an application.
function
shkey_t* shpam_ident_root
(shpeer_t *peer)
The 'root' identity for an application.
function
int shpam_ident_verify
(shkey_t *id_key, uint64_t uid, shpeer_t *peer)
Verify that an identity key references an application account.
function
uint64_t shpam_salt
(void)
Generate a random salt to be used to perturb a password key.
function
const char* shpam_username_sys
(void)
The current user's system account name.
function
const char* shuser_self
(void)
function
uint64_t shuser_id
(char *acc_name)
function
uint64_t shuser_self_id
(void)
function
int shuser_create
(char *acc_name, shpriv_t **priv_p)
Create a new user account.
Param
username
The account name.
ret_sess
A session key which can be used to perform privileged operations on the user account created.
Return Value
A libshare error code.
Note
The effective current user must have SHPERM_CREATE permission to perform this action.
function
int shuser_create_priv
(char *acc_name, shpriv_t *priv, shpriv_t **priv_p)
function
int shuser_login_2fa
(char *acc_name, char *passphrase, uint32_t code_2fa, shpriv_t **priv_p)
function
int shuser_login
(char *acc_name, char *passphrase, shpriv_t **priv_p)
function
int shuser_pass_set
(char *acc_name, shpriv_t *priv, char *passphrase)
function
int shuser_info_set
(char *acc_name, shpriv_t *priv, int cmd, unsigned char *data, size_t data_len)
function
int shuser_remove
(char *acc_name, shpriv_t *priv)
function
int shuser_info
(char *acc_name, int cmd, unsigned char *ret_data, size_t *ret_len_p)
function
shjson_t* shuser_json
(char *acc_name)
function
int shuser_verify
(char *acc_name)
function
int shuser_inform
(uint64_t uid)
Notify the shared daemon of an account.
function
int shuser_admin_default
(shpriv_t **priv_p)
function
int shpam_shadow_login
(shfs_ino_t *file, char *acc_name, uint32_t code_2fa, unsigned char *pass_data, size_t pass_len, shpriv_t **priv_p)
function
int shpam_shadow_pass_set
(shfs_ino_t *file, char *acc_name, shpriv_t *priv, unsigned char *pass_data, size_t pass_len)
function
int shpam_shadow_remove
(shfs_ino_t *file, uint64_t uid, shpriv_t *priv)
function
int shpam_shadow_get
(shfs_ino_t *file, uint64_t uid, int cmd, unsigned char *raw, size_t *raw_len_p)
function
int shpam_shadow_set
(shfs_ino_t *file, uint64_t uid, shpriv_t *priv, int cmd, unsigned char *raw, size_t raw_len)
function
int shpam_shadow_uid_verify
(shfs_ino_t *file, uint64_t uid)
function
shjson_t* shpam_shadow_json
(shfs_ino_t *file, uint64_t uid)
function
shfs_ino_t* shpam_shadow_file
(shfs_t **fs_p)
function
int shpam_shadow_remote_set
(shfs_ino_t *file, uint64_t uid, shauth_t *auth)
function
int shpam_shadow_priv_verify
(shfs_ino_t *file, shpriv_t *priv)
function
int shpam_shadow_admin_login
(shfs_ino_t *file, unsigned char *pass_data, size_t pass_len, shpriv_t **priv_p)
function
shpriv_t* shpam_shadow_admin_default
(shfs_ino_t *file)
function
shtime_t shpam_shadow_ctime
(shfs_ino_t *file, uint64_t uid)
function
int shpam_shadow_auth_load
(shfs_ino_t *file, uint64_t uid, int scope, shauth_t *ret_auth)
function
int shpam_auth_set
(shseed_t *seed, char *username, unsigned char *pass_data, size_t pass_len)
Generate a pass key from the username and pass code provided.
function
int shpam_auth_verify
(shseed_t *seed, char *username, unsigned char *pass_data, size_t pass_len)
Verify that a password seed references a username and password.
function
uint64_t shpam_salt_crypt
(void)
Obtain the Linux PAM salt used to "crypt" the passphrase.
function
int shpam_auth_alg_default
(int scope)
function
int shpam_auth_init
(uint64_t uid, shseed_t *seed)
function
int shpam_auth_2fa_verify
(shseed_t *seed, char *username, uint32_t code_2fa)
function
uint64_t shpam_master_seed
(shseed_t *seed)
A checksum which is representative of the "secret data" associated with an account.
function
uint64_t shpam_euid
(void)
function
char* shapp_name
(char *app_name)
Strips the absolute parent from app_name.
Note
"/test/one/two" becomes "two"
Return Value
Relative filename of executable.
Param
app_name
The running application's executable path
function
shpeer_t* shapp_init
(char *exec_path, char *host, int flags)
Initialize the share library runtime for an application.
Param
exec_path
The process's executable path.
host
The host that the app runs on or NULL for localhost.
flags
application flags
function
int shapp_register
(shpeer_t *peer)
function
int shapp_listen
(int tx, shpeer_t *peer)
function
int shapp_account
(const char *username, char *passphrase, shseed_t **seed_p)
function
int shapp_ident
(uint64_t uid, shkey_t **id_key_p)
function
shkey_t* shapp_kpriv
(shpeer_t *peer)
function
shkey_t* shapp_kpub
(shpeer_t *peer)
define
SHAUTH_SCOPE_LOCAL
0
define
SHAUTH_SCOPE_REMOTE
1
define
SHAUTH_SCOPE_2FA
2
define
SHAUTH_SCOPE_AUX
3
define
SHAUTH_MAX
4
define
SHSEED_SECRET_SIZE
64
define
SHAUTH_PRIMARY
(1 << 0)
define
SHAUTH_SECONDARY
(1 << 1)
define
SHAUTH_SECRET
(1 << 2)
public key is derived from local seed secret
define
SHAUTH_EXTERNAL
(1 << 3)
authorization method provided via external (not local user) means
define
SHAUTH_TIME
(1 << 4)
the algorithm uses a relative time as the payload message to sign (2fa).
define
SHPERM_READ
(1 << 0)
define
SHPERM_WRITE
(1 << 1)
define
SHPERM_CREATE
(1 << 2)
define
SHPERM_VERIFY
(1 << 3)
define
SHPERM_DELETE
(1 << 4)
define
SHPERM_ADMIN
(SHPERM_READ | SHPERM_WRITE | SHPERM_CREATE | \ SHPERM_VERIFY | SHPERM_DELETE)
define
SHPAM_DELETE
(1 << 0)
define
SHPAM_EXPIRE
(1 << 1)
define
SHPAM_LOCK
(1 << 2)
define
SHPAM_STATUS
(1 << 3)
define
SHPAM_SESSION
(1 << 4)
define
SHPAM_UNLOCK
(1 << 5)
define
SHPAM_UPDATE
(1 << 6)
define
SHPAM_CREATE
(1 << 7)
define
SHUSER_NAME
0
define
SHUSER_REALNAME
1
define
SHUSER_COINADDR
2
define
SHUSER_ZIPCODE
3
define
SHUSER_GEO
4
define
SHUSER_CTIME
5
define
SHUSER_2FA
6
define
SHAPP_LOCAL
(1 << 0)
An application that is not intended to be publicly accessible.
define
SHAPP_RLIMIT
(1 << 1)
Indicates that the "soft" resource limitations set by the OS should be utilized.