pam_acct_mgmt() establishes the account's usability and the user's accessibility to the system. It is typically called after the user has been authenticated.
flags may be specified as any valid flag (namely,
one of those applicable to the flags argument of
pam_authenticate()). Additionally, the value of
flags may be logically or'd
User is valid, but user's authentication token has expired. The correct response to this return-value is to require that the user satisfy the pam_chauthtok() function before obtaining service. It may not be possible for an application to do this. In such a case, the user should be denied access until the account password is updated.
User is no longer permitted access to the system.
User is not permitted to gain access at this time.
User is not known to a module's account management component.