sssd 2.6.1
|
SSSD can send different kind of information back to the client. More...
Modules | |
User info messages | |
To achieve a consistent user experience and to facilitate internationalization all messages show to the user are generate by the PAM client and not by the SSSD server components. | |
Enumerations | |
enum | response_type { SSS_PAM_SYSTEM_INFO = 0x01 , SSS_PAM_DOMAIN_NAME , SSS_PAM_ENV_ITEM , SSS_ENV_ITEM , SSS_ALL_ENV_ITEM , SSS_PAM_USER_INFO , SSS_PAM_TEXT_MSG , SSS_PAM_OTP_INFO , SSS_PAM_CERT_INFO , SSS_OTP , SSS_PASSWORD_PROMPTING , SSS_CERT_AUTH_PROMPTING , SSS_PAM_CERT_INFO_WITH_HINT , SSS_PAM_PROMPT_CONFIG } |
Types of different messages. More... | |
SSSD can send different kind of information back to the client.
A response from the SSSD can contain 0 or more messages. Each message contains a type tag and the size of the message data, both are unsigned 32-bit integer values, followed be the message specific data.
If the message is generated by a backend it is send back to the PAM responder via a D-BUS message in an array of D-BUS structs. The struct consists of a DBUS_TYPE_UINT32 for the tag and a DBUS_TYPE_ARRAY to hold the message.
Examples:
uint32_t | uint32_t | uint8_t[4] |
---|---|---|
0x03 | 0x04 | a=b\0 |
enum response_type |
Types of different messages.
Enumerator | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
SSS_PAM_SYSTEM_INFO | Message for the system log.
| ||||||||||||
SSS_PAM_DOMAIN_NAME | Name of the domain the user belongs too. This messages is generated by the PAM responder.
| ||||||||||||
SSS_PAM_ENV_ITEM | Set and environment variable with pam_putenv(3).
| ||||||||||||
SSS_ENV_ITEM | Set and environment variable with putenv(3).
| ||||||||||||
SSS_ALL_ENV_ITEM | Set and environment variable with putenv(3) and pam_putenv(3).
| ||||||||||||
SSS_PAM_USER_INFO | A message which should be displayed to the user.
| ||||||||||||
SSS_PAM_TEXT_MSG | A plain text message which should be displayed to the user. This should only be used in the case where it is not possible to use SSS_PAM_USER_INFO.
| ||||||||||||
SSS_PAM_OTP_INFO | A message which optionally may contain the name of the vendor, the ID of an OTP token and a challenge.
| ||||||||||||
SSS_PAM_CERT_INFO | A message indicating that Smartcard/certificate based authentication is available and contains details about the found Smartcard.
| ||||||||||||
SSS_OTP | Indicates that the authtok was a OTP, so don't cache it. There is no message.
| ||||||||||||
SSS_PASSWORD_PROMPTING | Indicates that password prompting is possible. This might be used together with SSS_PAM_OTP_INFO to determine the type of prompting. There is no message.
| ||||||||||||
SSS_CERT_AUTH_PROMPTING | Indicates that on the server side Smartcard/certificate based authentication is available for the selected account. This might be used together with other prompting options to determine the type of prompting.
| ||||||||||||
SSS_PAM_CERT_INFO_WITH_HINT | Same as SSS_PAM_CERT_INFO but user name might be missing and should be prompted for. | ||||||||||||
SSS_PAM_PROMPT_CONFIG | Contains data which controls which credentials are expected and how the user is prompted for them. |