Main index | Section 3 | Options |
#include <security/pam_appl.h>
The user requesting authentication is called the applicant, while the user (usually, root) charged with verifying his identity and granting him the requested credentials is called the arbitrator.
The sequence of operations the server goes through to authenticate a user and perform whatever task he requested is a PAM transaction; the context within which the server performs the requested task is called a session.
The functionality embodied by PAM is divided into six primitives grouped into four facilities: authentication, account management, session management and password management.
The pam_end() function releases all resources associated with the specified context, and can be called at any time to terminate a PAM transaction.
The pam_set_data() and pam_get_data() functions manage named chunks of free-form data, generally used by modules to store state from one invocation to another.
The pam_strerror() function returns a pointer to a string describing the specified PAM error code.
[PAM_ABORT] | |
General failure. | |
[PAM_ACCT_EXPIRED] | |
User account has expired. | |
[PAM_AUTHINFO_UNAVAIL] | |
Authentication information is unavailable. | |
[PAM_AUTHTOK_DISABLE_AGING] | |
Authentication token aging disabled. | |
[PAM_AUTHTOK_ERR] | |
Authentication token failure. | |
[PAM_AUTHTOK_EXPIRED] | |
Password has expired. | |
[PAM_AUTHTOK_LOCK_BUSY] | |
Authentication token lock busy. | |
[PAM_AUTHTOK_RECOVERY_ERR] | |
Failed to recover old authentication token. | |
[PAM_AUTH_ERR] | |
Authentication error. | |
[PAM_BAD_CONSTANT] | |
Bad constant. | |
[PAM_BAD_FEATURE] | |
Unrecognized or restricted feature. | |
[PAM_BAD_HANDLE] | |
Invalid PAM handle. | |
[PAM_BAD_ITEM] | |
Unrecognized or restricted item. | |
[PAM_BUF_ERR] | |
Memory buffer error. | |
[PAM_CONV_ERR] | |
Conversation failure. | |
[PAM_CRED_ERR] | |
Failed to set user credentials. | |
[PAM_CRED_EXPIRED] | |
User credentials have expired. | |
[PAM_CRED_INSUFFICIENT] | |
Insufficient credentials. | |
[PAM_CRED_UNAVAIL] | |
Failed to retrieve user credentials. | |
[PAM_DOMAIN_UNKNOWN] | |
Unknown authentication domain. | |
[PAM_IGNORE] | |
Ignore this module. | |
[PAM_MAXTRIES] | |
Maximum number of tries exceeded. | |
[PAM_MODULE_UNKNOWN] | |
Unknown module type. | |
[PAM_NEW_AUTHTOK_REQD] | |
New authentication token required. | |
[PAM_NO_MODULE_DATA] | |
Module data not found. | |
[PAM_OPEN_ERR] | |
Failed to load module. | |
[PAM_PERM_DENIED] | |
Permission denied. | |
[PAM_SERVICE_ERR] | |
Error in service module. | |
[PAM_SESSION_ERR] | |
Session failure. | |
[PAM_SUCCESS] | |
Success. | |
[PAM_SYMBOL_ERR] | |
Invalid symbol. | |
[PAM_SYSTEM_ERR] | |
System error. | |
[PAM_TRY_AGAIN] | |
Try again. | |
[PAM_USER_UNKNOWN] | |
Unknown user. | |
X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules, June 1997.
The OpenPAM library is maintained by Dag-Erling Sm/orgrav <Mt des@des.no>.
PAM (3) | February 24, 2019 |
Main index | Section 3 | Options |
Please direct any comments about this manual page service to Ben Bullock. Privacy policy.
“ | With features like these, who needs bugs? | ” |
— Henry Spencer |