pam_sm_setcred − PAM service function to alter credentials

#define PAM_SM_AUTH

#include <security/pam_modules.h>

PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv);


The pam_sm_setcred function is the service module´s implementation of the pam_setcred(3) interface.

This function performs the task of altering the credentials of the user with respect to the corresponding authorization scheme. Generally, an authentication module may have access to more information about a user than their authentication token. This function is used to make such information available to the application. It should only be called after the user has been authenticated but before a session has been established.

Valid flags, which may be logically OR´d with PAM_SILENT, are:


Do not emit any messages.


Initialize the credentials for the user.


Delete the credentials associated with the authentication service.


Reinitialize the user credentials.


Extend the lifetime of the user credentials.

The way the auth stack is navigated in order to evaluate the pam_setcred() function call, independent of the pam_sm_setcred() return codes, is exactly the same way that it was navigated when evaluating the pam_authenticate() library call. Typically, if a stack entry was ignored in evaluating pam_authenticate(), it will be ignored when libpam evaluates the pam_setcred() function call. Otherwise, the return codes from each module specific pam_sm_setcred() call are treated as required.


This module cannot retrieve the user´s credentials.


The user´s credentials have expired.


This module was unable to set the credentials of the user.


The user credential was successfully set.


The user is not known to this authentication module.

These, non−PAM_SUCCESS, return values will typically lead to the credential stack failing. The first such error will dominate in the return value of pam_setcred().

(3), pam_authenticate(3), pam_setcred(3), pam_sm_authenticate(3), pam_strerror(3), PAM(8)

More Linux Commands

SDL_ListModes(3) - Returns a pointer to an array of availabl
Return a pointer to an array of available screen dimensions for the given format and video flags, sorted largest to smallest. Returns NULL if there are no dimen

TIFFstrip(3tiff) - strip-related utility routines (ManPage)
TIFFDefaultStripSize returns the number of rows for a reasonable-sized strip according to the current settings of the ImageWidth, BitsPerSample, SamplesPerPixel

keyctl_set_timeout(3) - Set the expiration timer on a key...
keyctl_set_timeout() sets the expiration timer on a key to timeout seconds into the future. Setting timeout to zero cancels the expiration, assuming the key has

TIFFswab(3tiff) - byte- and bit-swapping routines (ManPage)
The following routines are used by the library to swap 16- and 32-bit data and to reverse the order of bits in bytes. TIFFSwabShort and TIFFSwabLong swap the by

ldap_compare_ext_s(3) - Perform an LDAP compare operation.
The ldap_compare_ext_s() routine is used to perform an LDAP compare operation synchronously. It takes dn, the DN of the entry upon which to perform the compare,

tftpd(8) - Trivial File Transfer Protocol server (Man Page)
tftpd is a server for the Trivial File Transfer Protocol. The TFTP protocol is extensively used to support remote booting of diskless devices. The server is nor

tsget(1ssl) Time Stamping HTTP HTTPS client - Linux man page
The tsget command can be used for sending a time stamp request, as specified in RFC 3161 , to a time stamp server over HTTP or HTTPS and storing the time stamp

puts(3) - output of characters and strings - Linux man page
fputc() writes the character c, cast to an unsigned char, to stream. fputs() writes the string s to stream, without its terminating null byte (\0). putc() is eq

XtGetActionKeysym(3) - obtain corresponding keysym (ManPage)
If XtGetActionKeysym is called after an action procedure has been invoked by the Intrinsics and before that action procedure returns, and if the event pointer h

Tcl_GetCommandName(3) - implement new commands in C.........
Tcl_CreateObjCommand defines a new command in interp and associates it with procedure proc such that whenever name is invoked as a Tcl command (e.g., via a call

form_field_opts(3form) - set and get field options (ManPage)
The function set_field_opts sets all the given fields option bits (field option bits may be logically-ORed together). The function field_opts_on turns on the gi

Env(3pm) - perl module that imports environment variables as
Perl maintains environment variables in a special hash named %ENV. For when this access method is inconvenient, the Perl module Env allows environment variables

We can't live, work or learn in freedom unless the software we use is free.