PAM_SETCRED(3) |
Library Functions Manual |
PAM_SETCRED(3) |
NAME
pam_setcred — modify / delete user credentials for an authentication service
LIBRARY
Pluggable Authentication Module Library (libpam, -lpam)
DESCRIPTION
The
pam_setcred function manages the application's credentials.
The flags argument is the binary or of zero or more of the following values:
-
PAM_SILENT
-
Do not emit any messages.
-
PAM_ESTABLISH_CRED
-
Establish the credentials of the target user.
-
PAM_DELETE_CRED
-
Revoke all established credentials.
-
PAM_REINITIALIZE_CRED
-
Fully reinitialise credentials.
-
PAM_REFRESH_CRED
-
Refresh credentials.
The latter four are mutually exclusive.
If any other bits are set, pam_setcred will return PAM_SYMBOL_ERR.
RETURN VALUES
The
pam_setcred function returns one of the following values:
-
[PAM_ABORT]
-
General failure.
-
[PAM_BUF_ERR]
-
Memory buffer error.
-
[PAM_CONV_ERR]
-
Conversation failure.
-
[PAM_CRED_ERR]
-
Failed to set user credentials.
-
[PAM_CRED_EXPIRED]
-
User credentials have expired.
-
[PAM_CRED_UNAVAIL]
-
Failed to retrieve user credentials.
-
[PAM_PERM_DENIED]
-
Permission denied.
-
[PAM_SERVICE_ERR]
-
Error in service module.
-
[PAM_SYMBOL_ERR]
-
Invalid symbol.
-
[PAM_SYSTEM_ERR]
-
System error.
-
[PAM_USER_UNKNOWN]
-
Unknown user.
STANDARDS
X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules, June 1997.
AUTHORS
The pam_setcred function and this manual page were developed for the FreeBSD Project by ThinkSec AS and Network Associates Laboratories, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS research program.