xref: /freebsd/contrib/openpam/doc/man/pam.3 (revision c17d43407fe04133a94055b0dbc7ea8965654a9f) 
1.\"-
2.\" Copyright (c) 2002 Networks Associates Technology, Inc.
3.\" All rights reserved.
4.\"
5.\" This software was developed for the FreeBSD Project by ThinkSec AS and
6.\" NAI Labs, the Security Research Division of Network Associates, Inc.
7.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
8.\" DARPA CHATS research program.
9.\"
10.\" Redistribution and use in source and binary forms, with or without
11.\" modification, are permitted provided that the following conditions
12.\" are met:
13.\" 1. Redistributions of source code must retain the above copyright
14.\"    notice, this list of conditions and the following disclaimer.
15.\" 2. Redistributions in binary form must reproduce the above copyright
16.\"    notice, this list of conditions and the following disclaimer in the
17.\"    documentation and/or other materials provided with the distribution.
18.\" 3. The name of the author may not be used to endorse or promote
19.\"    products derived from this software without specific prior written
20.\"    permission.
21.\"
22.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
23.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
26.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32.\" SUCH DAMAGE.
33.\"
34.\" $P4: //depot/projects/openpam/doc/man/pam.3#11 $
35.\"
36.Dd March 7, 2002
37.Dt PAM 3
38.Os
39.Sh NAME
40.Nm pam_acct_mgmt ,
41.Nm pam_authenticate ,
42.Nm pam_chauthtok ,
43.Nm pam_close_session ,
44.Nm pam_end ,
45.Nm pam_error ,
46.Nm pam_get_authtok ,
47.Nm pam_get_data ,
48.Nm pam_get_item ,
49.Nm pam_get_user ,
50.Nm pam_getenv ,
51.Nm pam_getenvlist ,
52.Nm pam_info ,
53.Nm pam_open_session ,
54.Nm pam_prompt ,
55.Nm pam_putenv ,
56.Nm pam_set_data ,
57.Nm pam_set_item ,
58.Nm pam_setcred ,
59.Nm pam_setenv ,
60.Nm pam_start ,
61.Nm pam_strerror ,
62.Nm pam_verror ,
63.Nm pam_vinfo ,
64.Nm pam_vprompt
65.Nd Pluggable Authentication Modules Library
66.Sh LIBRARY
67.Lb libpam
68.Sh SYNOPSIS
69.In security/pam_appl.h
70.Ft int
71.Fn pam_acct_mgmt "pam_handle_t *pamh" "int flags"
72.Ft int
73.Fn pam_authenticate "pam_handle_t *pamh" "int flags"
74.Ft int
75.Fn pam_chauthtok "pam_handle_t *pamh" "int flags"
76.Ft int
77.Fn pam_close_session "pam_handle_t *pamh" "int flags"
78.Ft int
79.Fn pam_end "pam_handle_t *pamh" "int status"
80.Ft int
81.Fn pam_error "pam_handle_t *pamh" "const char *fmt" "..."
82.Ft int
83.Fn pam_get_authtok "pam_handle_t *pamh" "const char **authtok" "const char *prompt"
84.Ft int
85.Fn pam_get_data "pam_handle_t *pamh" "const char *module_data_name" "const void **data"
86.Ft int
87.Fn pam_get_item "pam_handle_t *pamh" "int item_type" "const void **item"
88.Ft int
89.Fn pam_get_user "pam_handle_t *pamh" "const char **user" "const char *prompt"
90.Ft char *
91.Fn pam_getenv "pam_handle_t *pamh" "const char *name"
92.Ft char **
93.Fn pam_getenvlist "pam_handle_t *pamh"
94.Ft int
95.Fn pam_info "pam_handle_t *pamh" "const char *fmt" "..."
96.Ft int
97.Fn pam_open_session "pam_handle_t *pamh" "int flags"
98.Ft int
99.Fn pam_prompt "pam_handle_t *pamh" "int style" "char **resp" "const char *fmt" "..."
100.Ft int
101.Fn pam_putenv "pam_handle_t *pamh" "const char *namevalue"
102.Ft int
103.Fn pam_set_data "pam_handle_t *pamh" "const char *module_data_name" "void *data" "void (*cleanup)(pam_handle_t *pamh, void *data, int pam_end_status)"
104.Ft int
105.Fn pam_set_item "pam_handle_t *pamh" "int item_type" "const void *item"
106.Ft int
107.Fn pam_setcred "pam_handle_t *pamh" "int flags"
108.Ft int
109.Fn pam_setenv "pam_handle_t *pamh" "const char *name" "const char *value" "int overwrite"
110.Ft int
111.Fn pam_start "const char *service" "const char *user" "const struct pam_conv *pam_conv" "pam_handle_t **pamh"
112.Ft const char *
113.Fn pam_strerror "pam_handle_t *pamh" "int error_number"
114.Ft int
115.Fn pam_verror "pam_handle_t *pamh" "const char *fmt" "va_list ap"
116.Ft int
117.Fn pam_vinfo "pam_handle_t *pamh" "const char *fmt" "va_list ap"
118.Ft int
119.Fn pam_vprompt "pam_handle_t *pamh" "int style" "char **resp" "const char *fmt" "va_list ap"
120.Sh DESCRIPTION
121.Sh RETURN VALUES
122The following return codes are defined in the
123.In security/pam_constants.h
124header:
125.Bl -tag -width 18n
126.It Bq Er PAM_ABORT
127General failure.
128.It Bq Er PAM_ACCT_EXPIRED
129User accound has expired.
130.It Bq Er PAM_AUTHINFO_UNAVAIL
131Authentication information is unavailable.
132.It Bq Er PAM_AUTHTOK_DISABLE_AGING
133Authentication token aging disabled.
134.It Bq Er PAM_AUTHTOK_ERR
135Authentication token failure.
136.It Bq Er PAM_AUTHTOK_EXPIRED
137Password has expired.
138.It Bq Er PAM_AUTHTOK_LOCK_BUSY
139Authentication token lock busy.
140.It Bq Er PAM_AUTHTOK_RECOVERY_ERR
141Failed to recover old authentication token.
142.It Bq Er PAM_AUTH_ERR
143Authentication error.
144.It Bq Er PAM_BUF_ERR
145Memory buffer error.
146.It Bq Er PAM_CONV_ERR
147Conversation failure.
148.It Bq Er PAM_CRED_ERR
149Failed to set user credentials.
150.It Bq Er PAM_CRED_EXPIRED
151User credentials have expired.
152.It Bq Er PAM_CRED_INSUFFICIENT
153Insufficient credentials.
154.It Bq Er PAM_CRED_UNAVAIL
155Failed to retrieve user credentials.
156.It Bq Er PAM_DOMAIN_UNKNOWN
157Unknown authentication domain.
158.It Bq Er PAM_IGNORE
159Ignore this module.
160.It Bq Er PAM_MAXTRIES
161Maximum number of tries exceeded.
162.It Bq Er PAM_MODULE_UNKNOWN
163Unknown module type.
164.It Bq Er PAM_NEW_AUTHTOK_REQD
165New authentication token required.
166.It Bq Er PAM_NO_MODULE_DATA
167Module data not found.
168.It Bq Er PAM_OPEN_ERR
169Failed to load module.
170.It Bq Er PAM_PERM_DENIED
171Permission denied.
172.It Bq Er PAM_SERVICE_ERR
173Error in service module.
174.It Bq Er PAM_SESSION_ERR
175Session failure.
176.It Bq Er PAM_SUCCESS
177Success.
178.It Bq Er PAM_SYMBOL_ERR
179Invalid symbol.
180.It Bq Er PAM_SYSTEM_ERR
181System error.
182.It Bq Er PAM_TRY_AGAIN
183Try again.
184.It Bq Er PAM_USER_UNKNOWN
185Unknown user.
186.El
187.Sh SEE ALSO
188.Xr pam_acct_mgmt 3 ,
189.Xr pam_authenticate 3 ,
190.Xr pam_chauthtok 3 ,
191.Xr pam_close_session 3 ,
192.Xr pam_end 3 ,
193.Xr pam_error 3 ,
194.Xr pam_get_authtok 3 ,
195.Xr pam_get_data 3 ,
196.Xr pam_get_item 3 ,
197.Xr pam_get_user 3 ,
198.Xr pam_getenv 3 ,
199.Xr pam_getenvlist 3 ,
200.Xr pam_info 3 ,
201.Xr pam_open_session 3 ,
202.Xr pam_prompt 3 ,
203.Xr pam_putenv 3 ,
204.Xr pam_set_data 3 ,
205.Xr pam_set_item 3 ,
206.Xr pam_setcred 3 ,
207.Xr pam_setenv 3 ,
208.Xr pam_start 3 ,
209.Xr pam_strerror 3 ,
210.Xr pam_verror 3 ,
211.Xr pam_vinfo 3 ,
212.Xr pam_vprompt 3 ,
213.Xr pam.conf 5
214.Sh STANDARDS
215.Rs
216.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules"
217.%D "June 1997"
218.Re
219.Sh AUTHORS
220The OpenPAM library and this manual page were developed for the
221FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research
222Division of Network Associates, Inc.  under DARPA/SPAWAR contract
223N66001-01-C-8035
224.Pq Dq CBOSS ,
225as part of the DARPA CHATS research program.
226