NAME
pam_setcred
—
modify / delete user credentials for an
authentication service
SYNOPSIS
#include
<sys/types.h>
#include
<security/pam_appl.h>
int
pam_setcred
(pam_handle_t
*pamh, int
flags);
DESCRIPTION
Thepam_setcred
()
function manages the application's credentials.
The flags argument is the binary or of zero or more of the following values:
PAM_SILENT
- Do not emit any messages.
PAM_ESTABLISH_CRED
- Establish the credentials of the target user.
PAM_DELETE_CRED
- Revoke all established credentials.
PAM_REINITIALIZE_CRED
- Fully reinitialise credentials.
PAM_REFRESH_CRED
- Refresh credentials.
The latter four are mutually exclusive.
If any other bits are set,
pam_setcred
()
will return PAM_BAD_CONSTANT
.
RETURN VALUES
The pam_setcred
() function returns one of
the following values:
- [
PAM_SUCCESS
] - Success.
- [
PAM_ABORT
] - General failure.
- [
PAM_BAD_CONSTANT
] - Bad constant.
- [
PAM_BUF_ERR
] - Memory buffer error.
- [
PAM_CONV_ERR
] - Conversation failure.
- [
PAM_CRED_ERR
] - Failed to set user credentials.
- [
PAM_CRED_EXPIRED
] - User credentials have expired.
- [
PAM_CRED_UNAVAIL
] - Failed to retrieve user credentials.
- [
PAM_PERM_DENIED
] - Permission denied.
- [
PAM_SERVICE_ERR
] - Error in service module.
- [
PAM_SYSTEM_ERR
] - System error.
- [
PAM_USER_UNKNOWN
] - Unknown user.
SEE ALSO
STANDARDS
X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules, June 1997.
AUTHORS
The pam_setcred
() function and this manual
page were developed for the FreeBSD Project by
ThinkSec AS and Network Associates Laboratories, the Security Research
Division of Network Associates, Inc. under DARPA/SPAWAR contract
N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS
research program.
The OpenPAM library is maintained by Dag-Erling Smørgrav <des@des.no>.