pam_setcred (3pam) manual page

Table of Contents

Name

pam_setcred - modify/delete user credentials for an authentication service

Synopsis

cc [ flag ... ] file ... -lpam [ library ... ] #include <security/pam_appl.h>

int pam_setcred(pam_handle_t *pamh, int flags);

Description

The pam_setcred() function is used to establish, modify, or delete user credentials. It is typically called after the user has been authenticated and after a session has been opened. See pam_authenticate(3PAM) , pam_acct_mgmt(3PAM) , and pam_open_session(3PAM) .

The user is specified by a prior call to pam_start() or pam_set_item(), and is referenced by the authentication handle, pamh. The following flags may be set in the flags field. Note that the first four flags are mutually exclusive:

PAM_ESTABLISH_CRED
Set user credentials for an authentication service.

PAM_DELETE_CRED
Delete user credentials associated with an authentication service.

PAM_REINITIALIZE_CRED
Reinitialize user credentials.

PAM_REFRESH_CRED
Extend lifetime of user credentials.

PAM_SILENT
Authentication service should not generate any messages.

If no flag is set, PAM_ESTABLISH_CRED is used as the default.

Return Values

Upon success, pam_setcred() returns PAM_SUCCESS. In addition to the error return values described in pam(3PAM) the following values may be returned upon error:

PAM_CRED_UNAVAIL
Underlying authentication service can not retrieve user credentials unavailable.

PAM_CRED_EXPIRED
User credentials expired.

PAM_USER_UNKNOWN
User unknown to underlying authentication service.

PAM_CRED_ERR
Failure setting user credentials.

Attributes

See attributes(5) for description of the following attributes:

tab() allbox; cw(2.750000i)| cw(2.750000i) lw(2.750000i) lw(2.750000i). ATTRIBUTE TYPEATTRIBUTE VALUE Interface StabilityT{ Evolving T} MT-LevelMT-Safe with exceptions

See Also

pam(3PAM) , pam_acct_mgmt(3PAM) , pam_authenticate(3PAM) , pam_open_session(3PAM) , pam_set_item(3PAM) , pam_start(3PAM) , libpam(3LIB) , attributes(5)

Notes

The interfaces in libpam are MT-Safe only if each thread within the multithreaded application uses its own PAM handle.


Table of Contents