diff options
-rw-r--r-- | mof/LMI_Account.mof | 14 | ||||
-rw-r--r-- | src/account/LMI_AccountProvider.c | 63 |
2 files changed, 51 insertions, 26 deletions
diff --git a/mof/LMI_Account.mof b/mof/LMI_Account.mof index 75f0cf1..5dc6f11 100644 --- a/mof/LMI_Account.mof +++ b/mof/LMI_Account.mof @@ -33,11 +33,17 @@ class LMI_Account: CIM_Account [ Description("The date when was password last changed") ] datetime PasswordLastChange; - [ Description("The minimal date when can be password changed") ] - datetime PasswordMinLifetime; + [ Description("The date since when can be password changed") ] + datetime PasswordPossibleChange; - [ Description("The maximal date when can be password changed") ] - datetime PasswordMaxLifetime; + [ Description("The date when the user should start to be warned about password expiration") ] + datetime PasswordExpirationWarning; + + [ Description("The date when the user will not be able to login using the user's password. The user should contact her administrator.") ] + datetime PasswordInactivation; + + [ Description("The date of expiration of the account.") ] + datetime AccountExpiration; }; [ Description("LMI_AccountManagementService creates, manages, and if necessary " diff --git a/src/account/LMI_AccountProvider.c b/src/account/LMI_AccountProvider.c index 04f4857..e765d6b 100644 --- a/src/account/LMI_AccountProvider.c +++ b/src/account/LMI_AccountProvider.c @@ -61,9 +61,8 @@ static CMPIStatus LMI_AccountEnumInstances( const char *nameSpace = KNameSpace(cop); const char *hostname = get_system_name(); char *uid = NULL; - long expire, last_change, min_lifetime, max_lifetime; + long last_change, min_lifetime, max_lifetime, warn, inactive, expire; time_t last_login; - CMPIUint64 binTime = 0; CMPIStatus *rc = NULL; char *password = NULL; @@ -105,13 +104,47 @@ static CMPIStatus LMI_AccountEnumInstances( CMNewDateTimeFromBinary(_cb, DAYSTOMS(last_change),false, rc)); min_lifetime = aux_lu_get_long(lue, LU_SHADOWMIN) + last_change; - max_lifetime = aux_lu_get_long(lue, LU_SHADOWMAX) + last_change; + max_lifetime = aux_lu_get_long(lue, LU_SHADOWMAX); - LMI_Account_Set_PasswordMinLifetime(&la, - CMNewDateTimeFromBinary(_cb, DAYSTOMS(min_lifetime), false, rc)); + LMI_Account_Set_PasswordPossibleChange(&la, + CMNewDateTimeFromBinary(_cb, DAYSTOMS(min_lifetime), + false, rc)); - LMI_Account_Set_PasswordMaxLifetime(&la, - CMNewDateTimeFromBinary(_cb, DAYSTOMS(max_lifetime), false, rc)); + if (max_lifetime != 0 && max_lifetime != 99999) + { + max_lifetime += last_change; + LMI_Account_Set_PasswordExpiration(&la, + CMNewDateTimeFromBinary(_cb, DAYSTOMS(max_lifetime), false, rc)); + warn = aux_lu_get_long(lue, LU_SHADOWWARNING); + LMI_Account_Set_PasswordExpirationWarning(&la, + CMNewDateTimeFromBinary(_cb, DAYSTOMS(max_lifetime - warn), + false, rc)); + inactive = aux_lu_get_long(lue, LU_SHADOWINACTIVE); + if (inactive != -1) + { + LMI_Account_Set_PasswordInactivation(&la, + CMNewDateTimeFromBinary(_cb, + DAYSTOMS(max_lifetime + inactive), false, rc)); + } + } + else + { + LMI_Account_Null_PasswordExpiration(&la); + LMI_Account_Null_PasswordExpirationWarning(&la); + LMI_Account_Null_PasswordInactivation(&la); + } + + expire = aux_lu_get_long(lue, LU_SHADOWEXPIRE); + if (expire != -1) + { + LMI_Account_Set_AccountExpiration(&la, + CMNewDateTimeFromBinary(_cb, + DAYSTOMS(expire), false, rc)); + } + else + { + LMI_Account_Null_AccountExpiration(&la); + } last_login = aux_utmp_latest(aux_lu_get_str(lue, LU_USERNAME)); @@ -121,26 +154,11 @@ static CMPIStatus LMI_AccountEnumInstances( CMNewDateTimeFromBinary(_cb, last_login * 1000000, false, rc)); } - binTime = DAYSTOMS(aux_lu_get_long(lue, LU_SHADOWMIN)); - password = aux_lu_get_str(lue, LU_SHADOWPASSWORD); LMI_Account_Init_UserPassword(&la, 1); LMI_Account_Set_UserPassword(&la, 0, password); /* Assume all passwords (encrypted or not) are in ascii encoding */ LMI_Account_Set_UserPasswordEncoding(&la, 2); - if(strstr(password, "")) - - expire = aux_lu_get_long(lue, LU_SHADOWEXPIRE); - if (expire != -1) - { - binTime = DAYSTOMS(expire); - LMI_Account_Set_PasswordExpiration(&la, - CMNewDateTimeFromBinary(_cb, binTime, false, rc)); - } - else - { - LMI_Account_Null_PasswordExpiration(&la); - } KReturnInstance(cr, la); lu_ent_free(lue); @@ -400,6 +418,7 @@ KUint32 LMI_Account_RequestStateChange( return result; } + KONKRET_REGISTRATION( "root/cimv2", "LMI_Account", |