#define PAM_SM_ACCOUNT
#include <security/pam_modules.h>
This function performs the task of establishing whether the user is permitted to gain access at this time. It should be understood that the user has previously been validated by an authentication module. This function checks for other things. Such things might be: the time of day or the date, the terminal line, remote hostname, etc. This function may also determine things like the expiration on passwords, and respond that the user change it before continuing.
Valid flags, which may be logically OR'd with PAM_SILENT, are:
PAM_SILENT
PAM_DISALLOW_NULL_AUTHTOK
PAM_ACCT_EXPIRED
PAM_AUTH_ERR
PAM_NEW_AUTHTOK_REQD
PAM_PERM_DENIED
PAM_SUCCESS
PAM_USER_UNKNOWN
pam(3), pam_acct_mgmt(3), pam_sm_chauthtok(3), pam_strerror(3), PAM(8)