PAM_SM_SETCRED





PAM_SM_SETCRED

NAME
pam_sm_setcred − PAM service function to alter credentials

SYNOPSIS
#define PAM_SM_AUTH

#include <security/pam_modules.h>

PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv);

DESCRIPTION

The pam_sm_setcred function is the service module´s implementation of the pam_setcred(3) interface.

This function performs the task of altering the credentials of the user with respect to the corresponding authorization scheme. Generally, an authentication module may have access to more information about a user than their authentication token. This function is used to make such information available to the application. It should only be called after the user has been authenticated but before a session has been established.

Valid flags, which may be logically OR´d with PAM_SILENT, are:

PAM_SILENT

Do not emit any messages.

PAM_ESTABLISH_CRED

Initialize the credentials for the user.

PAM_DELETE_CRED

Delete the credentials associated with the authentication service.

PAM_REINITIALIZE_CRED

Reinitialize the user credentials.

PAM_REFRESH_CRED

Extend the lifetime of the user credentials.

The way the auth stack is navigated in order to evaluate the pam_setcred() function call, independent of the pam_sm_setcred() return codes, is exactly the same way that it was navigated when evaluating the pam_authenticate() library call. Typically, if a stack entry was ignored in evaluating pam_authenticate(), it will be ignored when libpam evaluates the pam_setcred() function call. Otherwise, the return codes from each module specific pam_sm_setcred() call are treated as required.

RETURN VALUES
PAM_CRED_UNAVAIL

This module cannot retrieve the user´s credentials.

PAM_CRED_EXPIRED

The user´s credentials have expired.

PAM_CRED_ERR

This module was unable to set the credentials of the user.

PAM_SUCCESS

The user credential was successfully set.

PAM_USER_UNKNOWN

The user is not known to this authentication module.

These, non−PAM_SUCCESS, return values will typically lead to the credential stack failing. The first such error will dominate in the return value of pam_setcred().

SEE ALSO
pam(3), pam_authenticate(3), pam_setcred(3), pam_sm_authenticate(3), pam_strerror(3), PAM(8)


We can't live, work or learn in freedom unless the software we use is free.




"Free learning resources, like free software, is a matter of freedom, not price. It's about bringing the principles of free software to general knowledge and educational materials. Knowledge should be usable and accessible to all without restrictions and should not be treated as property." Free Learning Resources



"As our society grows more dependent on computers, the software we run is of critical importance to securing the future of a free society. Free software is about having control over the technology we use in our homes, schools and businesses, where computers work for our individual and communal benefit" Learn About Free Software