Main index | Section 3 | Options |
#include <sys/types.h>
#include <security/pam_appl.h>
The item argument must have one of the following values:
PAM_AUTHTOK | |
Returns the current authentication token, or the new token when changing authentication tokens. | |
PAM_OLDAUTHTOK | |
Returns the previous authentication token when changing authentication tokens. | |
The prompt argument specifies a prompt to use if no token is cached. If it is NULL, the PAM_AUTHTOK_PROMPT or PAM_OLDAUTHTOK_PROMPT item, as appropriate, will be used. If that item is also NULL, a hardcoded default prompt will be used. Additionally, when pam_get_authtok() is called from a service module, the prompt may be affected by module options as described below. The prompt is then expanded using openpam_subst(3) before it is passed to the conversation function.
If item is set to PAM_AUTHTOK and there is a non-null PAM_OLDAUTHTOK item, pam_get_authtok() will ask the user to confirm the new token by retyping it. If there is a mismatch, pam_get_authtok() will return PAM_TRY_AGAIN.
authtok_prompt | |
Prompt to use when item is set to PAM_AUTHTOK. This option overrides both the prompt argument and the PAM_AUTHTOK_PROMPT item. | |
echo_pass | |
If the application's conversation function allows it, this lets the user see what they are typing. This should only be used for non-reusable authentication tokens. | |
oldauthtok_prompt | |
Prompt to use when item is set to PAM_OLDAUTHTOK. This option overrides both the prompt argument and the PAM_OLDAUTHTOK_PROMPT item. | |
try_first_pass | |
If the requested item is non-null, return it without prompting the user. Typically, the service module will verify the token, and if it does not match, clear the item before calling pam_get_authtok() a second time. | |
use_first_pass | |
Do not prompt the user at all; just return the cached value, or PAM_AUTH_ERR if there is none. | |
[PAM_SUCCESS] | |
Success. | |
[PAM_BAD_CONSTANT] | |
Bad constant. | |
[PAM_BAD_ITEM] | |
Unrecognized or restricted item. | |
[PAM_BUF_ERR] | |
Memory buffer error. | |
[PAM_CONV_ERR] | |
Conversation failure. | |
[PAM_SYSTEM_ERR] | |
System error. | |
[PAM_TRY_AGAIN] | |
Try again. | |
The OpenPAM library is maintained by Dag-Erling Sm/orgrav <Mt des@des.no>.
PAM_GET_AUTHTOK (3) | February 24, 2019 |
Main index | Section 3 | Options |
Please direct any comments about this manual page service to Ben Bullock. Privacy policy.