PAM Library Functions pamsmsetcred(3PAM)
NAME
pamsmsetcred - service provider implementation for
pamsetcred
SYNOPSIS
cc [ flag ... ] file ... -lpam [ library ... ]
#include
#include
int pamsmsetcred(pamhandlet *pamh, int flags, int argc,
const char **argv);
DESCRIPTION
In response to a call to pamsetcred(3PAM), the PAM frame-
work calls pamsmsetcred() from the modules listed in the
pam.conf(4) file. The authentication provider supplies the
back-end functionality for this interface function.
The pamsmsetcred() function is called to set the creden-
tials of the current user associated with the authentication
handle, pamh. The following flags may be set in the flags
field. Note that the first four flags are mutually
exclusive:
PAMESTABLISHCRED Set user credentials for the
authentication service.
PAMDELETECRED Delete user credentials associated
with the authentication service.
PAMREINITIALIZECRED Reinitialize user credentials.
PAMREFRESHCRED Extend lifetime of user creden-
tials.
PAMSILENT Authentication service should not
generate messages
If no flag is set, PAMESTABLISH CRED is used as the
default.
SunOS 5.11 Last change: 18 Nov 2003 1
PAM Library Functions pamsmsetcred(3PAM)
The argc argument represents the number of module options
passed in from the configuration file pam.conf(4). argv
specifies the module options, which are interpreted and pro-
cessed by the authentication service. If an unknown option
is passed to the module, an error should be logged and the
option ignored.
If the PAMSILENT flag is not set, then pamsmsetcred()
should print any failure status from the corresponding
pamsmauthenticate() function using the conversation func-
tion.
The authentication status (success or reason for failure) is
saved as module-specific state in the authentication handle
by the authentication module. The status should be retrieved
using pamgetdata(), and used to determine if user creden-
tials should be set.
RETURN VALUES
Upon successful completion, PAMSUCES should be returned.
The following values may also be returned upon error:
PAMCREDUNAVAIL Underlying authentication service can
not retrieve user credentials.
PAMCREDEXPIRED User credentials have expired.
PAMUSERUNKNOWN User unknown to the authentication ser-
vice.
PAMCREDER Failure in setting user credentials.
PAMIGNORE Ignore underlying authentication module
regardless of whether the control flag
is required,optional, or sufficient.
ATRIBUTES
See attributes(5) for description of the following attri-
butes:
SunOS 5.11 Last change: 18 Nov 2003 2
PAM Library Functions pamsmsetcred(3PAM)
ATRIBUTE TYPE ATRIBUTE VALUE
Interface Stability Stable
MT-Level MT-Safe with exceptions
SEE ALSO
pam(3PAM), pamauthenticate(3PAM), pamgetdata(3PAM)
pamsetcred(3PAM), pamsmauthenticate(3PAM), libpam(3LIB),
pam.conf(4), attributes(5)
NOTES
The pamsmsetcred() function is passed the same module
options that are used by pamsmauthenticate().
The interfaces in libpam are MT-Safe only if each thread
within the multithreaded application uses its own PAM han-
dle.
If the PAMREPOSITORY itemtype is set and a service module
does not recognize the type, the service module does not
process any information, and returns PAMIGNORE. If the
PAMREPOSITORY itemtype is not set, a service module per-
forms its default action.
SunOS 5.11 Last change: 18 Nov 2003 3
|
