This section describes the public libuser API, which is available to applications.
This section describes how to start up and shut down the library.
Initializes the library, loads the specified modules, and returns a context structure on success, or NULL on failure.
The auth_user and auth_name arguments are hints to the modules for determining the identity to connect to information stores as. The default administrator can be specified by passing in NULL as the auth_user argument.
The info_modules and auth_modules arguments allow the application to override the lists of modules set in the library's configuration file. The application can specify NULL for both values to use the configured defaults.
The prompter argument is the address of a function which modules can call in order to obtain information needed for accessing information stores. The library provides lu_prompt_console for console-based applications. If the application passes in NULL, then no prompts will be made, and library initialization may fail.
The callback_data argument is a pointer to application-specific data which the prompter function will be passed whenever it is called.
Sets the list of information modules used. The context argument is a structure obtained through a previous call to lu_start, and the list argument is identical to the info_modules argument used by lu_start.
Sets the list of authentication modules used. The context argument is a structure obtained through a previous call to lu_start, and the list argument is identical to the auth_modules argument used by lu_start.
Shuts down the library, unloads the modules in use, and frees memory.
This section describes the entity data structure and how it is used to look up, create, modify, and destroy users and groups.
Creates a new lu_ent structure. This is an array of lists, indexed by strings, of user/group attributes, similar to a pwdb_entry. An lu_ent also contains a notion of original and working attribute sets.
Copies the contents of one lu_ent to another.
Sets the lu_ent's working attribute set to match the values stored in its original attribute set.
Frees an lu_ent structure.
Returns a GList of the names of the attributes the entity has defined values for.
Returns a GList of the values for the named attribute which the entity structure contains.
Like lu_ent_get, but accesses the original attribute set instead of the working attribute set.
Most attributes only contain a single value. This function can be used to set that value. Returns TRUE on success, and FALSE on failure.
Like lu_ent_set, but access the original attribute set instead of the working attribute set. This is used when populating new structures and creating accounts.
Adds a value to the list of values for the named attribute. Returns TRUE on success, and FALSE on failure.
Like lu_ent_add, but accesses the original attribute set instead of the working attribute set.
Removes a value from the list of values for the named attribute. Returns TRUE on success, and FALSE on failure.
Removes all values from the list of values for the named attribute, and removes the attribute. Returns TRUE on success, and FALSE on failure.
Like lu_ent_clear, but accesses the original attribute set instead of the working attribute set.
This section describes how an application can look up user and group information, and add, modify, and delete accounts. Although the library provides distinct user and group access functions, the function declarations are similar enough that the group variants are omitted here.
Looks up information for the named user, and stores the information in the passed lu_ent structure if such information is found. Returns TRUE on success, FALSE on failure.
Like lu_user_lookup_name, but takes a uid_t instead of a name. The group variant takes a gid_t.
Creates a new user account using information stored in the lu_ent structure. Returns TRUE if the operation is successful. The library does this by attempting to create an authentication entity for the user (this is a purposefully vague description -- individual back-end modules will do this in different ways) using one of the configured auth_modules. If this succeeds, the library will create a general information entity for the user using one of the configured info_modules.
Brings the user's account information (as reflected in information stores) in line with the working attribute set in the passed-in lu_ent structure. Returns TRUE if the operation is successful, FALSE if it fails. The library keeps track of the information stores accessed for the user's auth and info attributes, and modifies only these.
Deletes the named user account from the information stores which contain the user's auth and info attributes. Returns TRUE if the deletion operation is successful.
Locks the account of the user who was passed in. Returns TRUE if the locking operation is successful, or FALSE if the locking fails (for example, if the account is already locked or if account locking is not supported by the auth information store).
Unlocks the account of the user who was passed in. Returns TRUE if the unlocking operation is successful or FALSE if the account was not locked or could not be unlocked.
This section describes the mechanism libuser provides for applications and modules to access configuration data.
Reads the contents of a particular key in the configuration file, and returns a GList of the results. The key is of the form "section/key". An example key is "defaults/moduledir". If no matches are found, a list containing default_value will be returned.
Reads the contents of a particular key in the configuration file, and returns a single item from the list of results. This is a simple wrapper around lu_cfg_read meant for use when only one value is expected to be returned.
Reads and returns a list of the keys within the section named by the parent_key. This function is useful for iterating over an entire section of the configuration file.