man.bsd.lv manual page server

Manual Page Search Parameters
PAM_AUTHENTICATE(3) Library Functions Manual PAM_AUTHENTICATE(3)

pam_authenticateperform authentication within the PAM framework

#include <sys/types.h>
#include <security/pam_appl.h>

int
pam_authenticate(pam_handle_t *pamh, int flags);

The () function attempts to authenticate the user associated with the pam context specified by the pamh argument.

The application is free to call () as many times as it wishes, but some modules may maintain an internal retry counter and return PAM_MAXTRIES when it exceeds some preset or hardcoded limit.

The flags argument is the binary or of zero or more of the following values:

Do not emit any messages.
Fail if the user's authentication token is null.

If any other bits are set, () will return PAM_BAD_CONSTANT.

The pam_authenticate() function returns one of the following values:

[PAM_SUCCESS]
Success.
[PAM_ABORT]
General failure.
[PAM_AUTHINFO_UNAVAIL]
Authentication information is unavailable.
[PAM_AUTH_ERR]
Authentication error.
[PAM_BAD_CONSTANT]
Bad constant.
[PAM_BUF_ERR]
Memory buffer error.
[PAM_CONV_ERR]
Conversation failure.
[PAM_CRED_INSUFFICIENT]
Insufficient credentials.
[PAM_MAXTRIES]
Maximum number of tries exceeded.
[PAM_PERM_DENIED]
Permission denied.
[PAM_SERVICE_ERR]
Error in service module.
[PAM_SYSTEM_ERR]
System error.
[PAM_USER_UNKNOWN]
Unknown user.

pam(3), pam_strerror(3)

X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules, June 1997.

The pam_authenticate() function and this manual page were developed for the FreeBSD Project by ThinkSec AS and Network Associates Laboratories, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS research program.

The OpenPAM library is maintained by Dag-Erling Smørgrav <des@des.no>.

April 30, 2017 FreeBSD-12.0