tail head cat sleep
QR code linking to this page

Manual Pages  — PAM_SETCRED

NAME

pam_setcred – modify / delete user credentials for an authentication service

CONTENTS

LIBRARY

Pluggable Authentication Module Library (libpam, -lpam)

SYNOPSIS

#include <sys/types.h>
#include <security/pam_appl.h>

int
pam_setcred(pam_handle_t *pamh, int flags);

DESCRIPTION

The pam_setcred() function manages the application's credentials.

The flags argument is the binary or of zero or more of the following values:
PAM_SILENT
  Do not emit any messages.
PAM_ESTABLISH_CRED
  Establish the credentials of the target user.
PAM_DELETE_CRED
  Revoke all established credentials.
PAM_REINITIALIZE_CRED
  Fully reinitialise credentials.
PAM_REFRESH_CRED
  Refresh credentials.

The latter four are mutually exclusive.

If any other bits are set, pam_setcred() will return PAM_SYMBOL_ERR.

RETURN VALUES

The pam_setcred() function returns one of the following values:
[PAM_ABORT]
  General failure.
[PAM_BUF_ERR]
  Memory buffer error.
[PAM_CONV_ERR]
  Conversation failure.
[PAM_CRED_ERR]
  Failed to set user credentials.
[PAM_CRED_EXPIRED]
  User credentials have expired.
[PAM_CRED_UNAVAIL]
  Failed to retrieve user credentials.
[PAM_PERM_DENIED]
  Permission denied.
[PAM_SERVICE_ERR]
  Error in service module.
[PAM_SYMBOL_ERR]
  Invalid symbol.
[PAM_SYSTEM_ERR]
  System error.
[PAM_USER_UNKNOWN]
  Unknown user.

SEE ALSO

pam(3), pam_strerror(3)

STANDARDS

X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules, June 1997.

AUTHORS

The pam_setcred() function and this manual page were developed for the FreeBSD Project by ThinkSec AS and Network Associates Laboratories, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research program.

The OpenPAM library is maintained by Dag-Erling Sm/orgrav <des@des.no>.


PAM_SETCRED (3) September 12, 2014

tail head cat sleep
QR code linking to this page


Please direct any comments about this manual page service to Ben Bullock. Privacy policy.

C isn't that hard: void (*(*f[])())() defines f as an array of unspecified size, of pointers to functions that return pointers to functions that return void