PAM module-specific implementation of pam_authenticate().
PAM Library (libpam.a)
#include <security/pam_appl.h>
#include <security/pam_modules.h>
int pam_sm_authenticate (PAMHandle, Flags, Argc, Argv)
pam_handle_t *PAMHandle;
int Flags;
int Argc;
const char **Argv;
When an application invokes pam_authenticate(), the PAM Framework calls pam_sm_authenticate for each module in the authentication module stack. This allows all the PAM module authors to implement their own authenticate routine. pam_authenticate and pam_sm_authenticate provide an authentication service to verify that the user is allowed access.
Item | Description |
---|---|
PAMhandle | The PAM handle representing the current user authentication session. This handle is obtained by a call to pam_start(). |
Flags | The flags are used to set pam_acct_mgmt options.
The recognized flags are:
|
Argc | The number of module options defined. |
Argv | The module options. These options are module-dependent. Any modules receiving invalid options should ignore them. |
Upon successful completion, pam_sm_authenticate returns PAM_SUCCESS. If the routine fails, a different error is returned, depending on the actual error.
Item | Description |
---|---|
PAM_AUTH_ERR | An error occurred in authentication, usually because of an invalid authentication token. |
PAM_CRED_INSUFFICIENT | The user has insufficient credentials to access the authentication data. |
PAM_AUTHINFO_UNAVAIL | The authentication information cannot be retrieved. |
PAM_USER_UNKNOWN | The user is not known. |
PAM_MAXTRIES | The maximum number of authentication retries has been reached. |
PAM_OPEN_ERR | One of the PAM authentication modules could not be loaded. |
PAM_SYMBOL_ERR | A necessary item is not available to a PAM module. |
PAM_SERVICE_ERR | An error occurred in a PAM module. |
PAM_SYSTEM_ERR | A system error occurred. |
PAM_BUF_ERR | A memory error occurred. |
PAM_CONV_ERR | A conversation error occurred. |
PAM_PERM_DENIED | Access permission was denied to the user. |