author | Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> | 2018-06-13 16:51:00 +0530 |
---|---|---|
committer | Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> | 2018-10-09 02:52:07 +0530 |
commit | 9164fd9b15e7af88e8b80c7ed7dad45266327a57 (patch) | |
tree | 06173ec0951bf8106f47cd45293f39c353786529 /user_mgr.hpp | |
parent | b26799aad62dfab304b322e7eb06167a9ea05ce7 (diff) | |
Support for password & security configuration
Support for password & security enforcement configuration added.
Implements the D-Bus interface properties to read and configure
minimum password length, old password remember history, unlock
timeout and maximum login attempt.
Change-Id: I1a462a8a5d1f5dd07f3b594d62bd9c61bbdddb9c
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'user_mgr.hpp')
-rw-r--r-- | user_mgr.hpp | 61 |
1 files changed, 60 insertions, 1 deletions
diff --git a/user_mgr.hpp b/user_mgr.hpp index 44e14f7..b599724 100644 --- a/user_mgr.hpp +++ b/user_mgr.hpp @@ -17,6 +17,7 @@ #include <sdbusplus/bus.hpp> #include <sdbusplus/server/object.hpp> #include <xyz/openbmc_project/User/Manager/server.hpp> +#include <xyz/openbmc_project/User/AccountPolicy/server.hpp> #include <unordered_map> #include "users.hpp" @@ -28,10 +29,13 @@ namespace user using UserMgrIface = sdbusplus::xyz::openbmc_project::User::server::Manager; using UserSSHLists = std::pair<std::vector<std::string>, std::vector<std::string>>; +using AccountPolicyIface = + sdbusplus::xyz::openbmc_project::User::server::AccountPolicy; + /** @class UserMgr * @brief Responsible for managing user accounts over the D-Bus interface. */ -class UserMgr : public UserMgrIface +class UserMgr : public UserMgrIface, AccountPolicyIface { public: UserMgr() = delete; @@ -93,6 +97,35 @@ class UserMgr : public UserMgrIface */ void userEnable(const std::string &userName, bool enabled); + /** @brief update minimum password length requirement + * + * @param[in] val - minimum password length + * @return - minimum password length + */ + uint8_t minPasswordLength(uint8_t val) override; + + /** @brief update old password history count + * + * @param[in] val - number of times old passwords has to be avoided + * @return - number of times old password has to be avoided + */ + uint8_t rememberOldPasswordTimes(uint8_t val) override; + + /** @brief update maximum number of failed login attempt before locked + * out. + * + * @param[in] val - number of allowed attempt + * @return - number of allowed attempt + */ + uint16_t maxLoginAttemptBeforeLockout(uint16_t val) override; + + /** @brief update timeout to unlock the account + * + * @param[in] val - value in seconds + * @return - value in seconds + */ + uint32_t accountUnlockTimeout(uint32_t val) override; + private: /** @brief sdbusplus handler */ sdbusplus::bus::bus &bus; 
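Review bot: In the class head `class UserMgr : public UserMgrIface, AccountPolicyIface` (second hunk), the second base has no access specifier, so for a `class` it is inherited privately. The four policy setters added in the next hunk are still public members of UserMgr, but a conversion to `AccountPolicyIface&` and, presumably, the generated property getters are not reachable from outside the class. If private inheritance is not intended, write `class UserMgr : public UserMgrIface, public AccountPolicyIface`; if it is, a one-line comment saying so would settle the question for the next reader. The class body continues outside this hunk.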
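Review bot: The doc comments on the four setters in the third hunk (`minPasswordLength`, `rememberOldPasswordTimes`, `maxLoginAttemptBeforeLockout`, `accountUnlockTimeout`) leave the accepted range and the failure behaviour unstated. These properties set the authentication policy for every account, so the header should say what the lowest accepted value is, whether 0 has a special meaning (not visible here), and what is thrown when a value is rejected or the PAM configuration cannot be updated. A line such as `@throw <error type> if val is out of range or the configuration update fails` on each, with the concrete type taken from the implementation, would be enough. The implementations are outside this diff, so whether such validation exists cannot be confirmed from the header.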
@@ -201,6 +234,32 @@ class UserMgr : public UserMgrIface * @return - returns user count */ size_t getIpmiUsersCount(void); + + /** @brief get pam argument value + * method to get argument value from pam configuration + * + * @param[in] moduleName - name of the module from where arg has to be read + * @param[in] argName - argument name + * @param[out] argValue - argument value + * + * @return 0 - success state of the function + */ + int getPamModuleArgValue(const std::string &moduleName, + const std::string &argName, std::string &argValue); + + /** @brief set pam argument value + * method to set argument value in pam configuration + * + * @param[in] moduleName - name of the module in which argument value has + * to be set + * @param[in] argName - argument name + * @param[out] argValue - argument value + * + * @return 0 - success state of the function + */ + int setPamModuleArgValue(const std::string &moduleName, + const std::string &argName, + const std::string &argValue); }; } // namespace user |
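Review bot: In the comment for `setPamModuleArgValue`, `argValue` is tagged `@param[out]` although it is a `const std::string &` input; it should read `@param[in] argValue - argument value`. Both helpers document only `@return 0 - success state of the function`, so the value callers must treat as failure is not defined by the header; state it, for example `@return 0 on success, <failure value> on error`. Because the setter rewrites PAM configuration from caller-supplied strings, the comment should also state the precondition that `argName` and `argValue` contain no whitespace or newlines, so that a value cannot be parsed as an additional module argument. The implementation is outside this hunk, so whether that is enforced there cannot be seen.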