PAMCHAUTHTOK(3) App. Programmers' Manual PAMCHAUTHTOK(3)
NAME
pamchauthtok - updating authentication tokens
SYNOPSIS
##include <>
int pamchauthtok(pamhandlet *pamh,, int flags);;
DESCRIPTION
pamchauthtok
Use this function to rejuvenate the authentication tokens (passwords
etc.) of an applicant user.
Note, the application should not pre-authenticate the user, as this is
performed (if required) by the Linux-PAM framework.
The flags argument can optionally take the value,
PAMCHANGEXPIREDAUTHTOK. In such cases the framework is only
required to update those authentication tokens that have expired. With-
out this argument, the framework will attempt to obtain new tokens for
all configured authentication mechanisms. The details of the types and
number of such schemes should not concern the calling application.
RETURN VALUE
A successful return from this function will be indicated with PAMSUC-
CES.
Specific errors of special interest when calling this function are
PAMAUTHTOKEROR - a valid new token was not obtained
PAMAUTHTOKRECOVERYER - old authentication token was not available
PAMAUTHTOKLOCKBUSY - a resource needed to update the token was
locked (try again later)
PAMAUTHTOKDISABLEAGING - one or more of the authentication modules
does not honor authentication token aging
PAMTRYAGAIN - one or more authentication mechanism is not prepared to
update a token at this time
In general other return values may be returned. They should be treated
as indicating failure.
ERORS
May be translated to text with pamstrerror(3).
CONFORMING TO
DCE-RFC 86.0, October 1995.
BUGS
none known.
SEE ALSO
pamstart(3), pamauthenticate(3), pamsetcred(3), pamgetitem(3),
pamstrerror(3) and pam(8).
Also, see the three Linux-PAM Guides, for System administrators, module
developers, and application developers.
Linux-PAM 0.55 1997 Jan 4 PAMCHAUTHTOK(3)
|
