PAM_SETCRED



PAM_SETCRED

NAME
pam_setcred − establish / delete user credentials

SYNOPSIS
#include <security/pam_appl.h>

int pam_setcred(pam_handle_t *pamh, int flags);

DESCRIPTION

The pam_setcred function is used to establish, maintain and delete the credentials of a user. It should be called to set the credentials after a user has been authenticated and before a session is opened for the user (with pam_open_session(3)). The credentials should be deleted after the session has been closed (with pam_close_session(3)).

A credential is something that the user possesses. It is some property, such as a Kerberos ticket, or a supplementary group membership that make up the uniqueness of a given user. On a Linux system the user´s UID and GID´s are credentials too. However, it has been decided that these properties (along with the default supplementary groups of which the user is a member) are credentials that should be set directly by the application and not by PAM. Such credentials should be established, by the application, prior to a call to this function. For example, initgroups(2) (or equivalent) should have been performed.

Valid flags, any one of which, may be logically OR´d with PAM_SILENT, are:

PAM_ESTABLISH_CRED

Initialize the credentials for the user.

PAM_DELETE_CRED

Delete the user´s credentials.

PAM_REINITIALIZE_CRED

Fully reinitialize the user´s credentials.

PAM_REFRESH_CRED

Extend the lifetime of the existing credentials.

RETURN VALUES
PAM_BUF_ERR

Memory buffer error.

PAM_CRED_ERR

Failed to set user credentials.

PAM_CRED_EXPIRED

User credentials are expired.

PAM_CRED_UNAVAIL

Failed to retrieve user credentials.

PAM_SUCCESS

Data was successful stored.

PAM_SYSTEM_ERR

A NULL pointer was submitted as PAM handle, the function was called by a module or another system error occured.

PAM_USER_UNKNOWN

User is not known to an authentication module.

SEE ALSO
pam_authenticate(3), pam_open_session(3), pam_close_session(3), pam_strerror(3)


More Linux Commands

manpages/list.3.html
list(3) - list routines (Library - Linux man page)..........
list_new initialises the list header list so as to create an empty list. list_addhead adds node to the head of list, returning the node just added. list_addtail

manpages/XScreenSaverAllocInfo.3.html
XScreenSaverAllocInfo(3) - X11 Screen Saver extension client
The X Window System provides support for changing the image on a display screen after a user-settable period of inactivity to avoid burning the cathode ray tube

manpages/glColor3ui.3gl.html
glColor3ui(3gl) - set the current color - Linux manual page
The GL stores both a current single-valued color index and a current four-valued RGBA color. glColor sets a new four-valued RGBA color. glColor has two major va

manpages/system-config-printer-applet.1.html
system-config-printer-applet(1) - print job manager.........
system-config-printer-applet is a print job manager for CUPS. Normally it will display a printer icon in the notification area, greyed out when there are no pri

manpages/socket.2.html
socket(2) - create an endpoint for communication (Man Page)
socket() creates an endpoint for communication and returns a descriptor. The domain argument specifies a communication domain; this selects the protocol family

manpages/XcmsQueryBlue.3.html
XcmsQueryBlue(3) - obtain black, blue, green, red, and white
The XcmsQueryBlack function returns the color specification in the specified target format for zero-intensity red, green, and blue. The XcmsQueryBlue function r

manpages/feature.3pm.html
feature(3pm) - Perl pragma to enable new features (ManPage)
It is usually impossible to add new syntax to Perl without breaking some existing programs. This pragma provides a way to minimize that risk. New syntactic cons

manpages/memcmp.3.html
memcmp(3) - compare memory areas (Library - Linux man page)
The memcmp() function compares the first n bytes (each interpreted as unsigned char) of the memory areas s1 and s2. RETURN VALUE The memcmp() function returns a

manpages/pdfdetach.1.html
pdfdetach(1) Portable Document Format (PDF) document embedde
Pdfdetach lists or extracts embedded files (attachments) from a Portable Document Format (PDF) file. OPTIONS Some of the following options can be set with confi

manpages/ypchsh.1.html
ypchsh(1) - change your password in the NIS database........
In the old days, the standard passwd(1), chfn(1) and chsh(1) tools could not be used under Linux to change the users NIS password, shell and GECOS information.

manpages/SDL_SemWaitTimeout.3.html
SDL_SemWaitTimeout(3) - Lock a semaphore, but only wait up t
SDL_SemWaitTimeout() is a varient of SDL_SemWait with a maximum timeout value. If the value of the semaphore pointed to by sem is positive (greater than zero) i

manpages/pciconfig_read.2.html
pciconfig_read(2) - pci device information handling.........
Most of the interaction with PCI devices is already handled by the kernel PCI layer, and thus these calls should not normally need to be accessed from user spac




We can't live, work or learn in freedom unless the software we use is free.




"Free learning resources, like free software, is a matter of freedom, not price. It's about bringing the principles of free software to general knowledge and educational materials. Knowledge should be usable and accessible to all without restrictions and should not be treated as property." Free Learning Resources



"As our society grows more dependent on computers, the software we run is of critical importance to securing the future of a free society. Free software is about having control over the technology we use in our homes, schools and businesses, where computers work for our individual and communal benefit" Learn About Free Software