xref: /freebsd/contrib/openpam/doc/man/pam.3 (revision ee2ea5ceafed78a5bd9810beb9e3ca927180c226) 
1.\"-
2.\" Copyright (c) 2002 Networks Associates Technology, Inc.
3.\" All rights reserved.
4.\"
5.\" This software was developed for the FreeBSD Project by ThinkSec AS and
6.\" NAI Labs, the Security Research Division of Network Associates, Inc.
7.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
8.\" DARPA CHATS research program.
9.\"
10.\" Redistribution and use in source and binary forms, with or without
11.\" modification, are permitted provided that the following conditions
12.\" are met:
13.\" 1. Redistributions of source code must retain the above copyright
14.\"    notice, this list of conditions and the following disclaimer.
15.\" 2. Redistributions in binary form must reproduce the above copyright
16.\"    notice, this list of conditions and the following disclaimer in the
17.\"    documentation and/or other materials provided with the distribution.
18.\" 3. The name of the author may not be used to endorse or promote
19.\"    products derived from this software without specific prior written
20.\"    permission.
21.\"
22.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
23.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
26.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32.\" SUCH DAMAGE.
33.\"
34.\" $P4: //depot/projects/openpam/doc/man/pam.3#14 $
35.\"
36.Dd May 2, 2002
37.Dt PAM 3
38.Os
39.Sh NAME
40.Nm openpam_borrow_cred ,
41.Nm openpam_free_data ,
42.Nm openpam_restore_cred ,
43.Nm pam_acct_mgmt ,
44.Nm pam_authenticate ,
45.Nm pam_chauthtok ,
46.Nm pam_close_session ,
47.Nm pam_end ,
48.Nm pam_error ,
49.Nm pam_get_authtok ,
50.Nm pam_get_data ,
51.Nm pam_get_item ,
52.Nm pam_get_user ,
53.Nm pam_getenv ,
54.Nm pam_getenvlist ,
55.Nm pam_info ,
56.Nm pam_open_session ,
57.Nm pam_prompt ,
58.Nm pam_putenv ,
59.Nm pam_set_data ,
60.Nm pam_set_item ,
61.Nm pam_setcred ,
62.Nm pam_setenv ,
63.Nm pam_start ,
64.Nm pam_strerror ,
65.Nm pam_verror ,
66.Nm pam_vinfo ,
67.Nm pam_vprompt
68.Nd Pluggable Authentication Modules Library
69.Sh LIBRARY
70.Lb libpam
71.Sh SYNOPSIS
72.In security/pam_appl.h
73.Ft int
74.Fn openpam_borrow_cred "pam_handle_t *pamh" "const struct passwd *pwd"
75.Ft void
76.Fn openpam_free_data "pam_handle_t *pamh" "void *data" "int status"
77.Ft int
78.Fn openpam_restore_cred "pam_handle_t *pamh"
79.Ft int
80.Fn pam_acct_mgmt "pam_handle_t *pamh" "int flags"
81.Ft int
82.Fn pam_authenticate "pam_handle_t *pamh" "int flags"
83.Ft int
84.Fn pam_chauthtok "pam_handle_t *pamh" "int flags"
85.Ft int
86.Fn pam_close_session "pam_handle_t *pamh" "int flags"
87.Ft int
88.Fn pam_end "pam_handle_t *pamh" "int status"
89.Ft int
90.Fn pam_error "pam_handle_t *pamh" "const char *fmt" "..."
91.Ft int
92.Fn pam_get_authtok "pam_handle_t *pamh" "int item" "const char **authtok" "const char *prompt"
93.Ft int
94.Fn pam_get_data "pam_handle_t *pamh" "const char *module_data_name" "const void **data"
95.Ft int
96.Fn pam_get_item "pam_handle_t *pamh" "int item_type" "const void **item"
97.Ft int
98.Fn pam_get_user "pam_handle_t *pamh" "const char **user" "const char *prompt"
99.Ft char *
100.Fn pam_getenv "pam_handle_t *pamh" "const char *name"
101.Ft char **
102.Fn pam_getenvlist "pam_handle_t *pamh"
103.Ft int
104.Fn pam_info "pam_handle_t *pamh" "const char *fmt" "..."
105.Ft int
106.Fn pam_open_session "pam_handle_t *pamh" "int flags"
107.Ft int
108.Fn pam_prompt "pam_handle_t *pamh" "int style" "char **resp" "const char *fmt" "..."
109.Ft int
110.Fn pam_putenv "pam_handle_t *pamh" "const char *namevalue"
111.Ft int
112.Fn pam_set_data "pam_handle_t *pamh" "const char *module_data_name" "void *data" "void (*cleanup)(pam_handle_t *pamh, void *data, int pam_end_status)"
113.Ft int
114.Fn pam_set_item "pam_handle_t *pamh" "int item_type" "const void *item"
115.Ft int
116.Fn pam_setcred "pam_handle_t *pamh" "int flags"
117.Ft int
118.Fn pam_setenv "pam_handle_t *pamh" "const char *name" "const char *value" "int overwrite"
119.Ft int
120.Fn pam_start "const char *service" "const char *user" "const struct pam_conv *pam_conv" "pam_handle_t **pamh"
121.Ft const char *
122.Fn pam_strerror "pam_handle_t *pamh" "int error_number"
123.Ft int
124.Fn pam_verror "pam_handle_t *pamh" "const char *fmt" "va_list ap"
125.Ft int
126.Fn pam_vinfo "pam_handle_t *pamh" "const char *fmt" "va_list ap"
127.Ft int
128.Fn pam_vprompt "pam_handle_t *pamh" "int style" "char **resp" "const char *fmt" "va_list ap"
129.Sh DESCRIPTION
130.Sh RETURN VALUES
131The following return codes are defined in the
132.In security/pam_constants.h
133header:
134.Bl -tag -width 18n
135.It Bq Er PAM_ABORT
136General failure.
137.It Bq Er PAM_ACCT_EXPIRED
138User accound has expired.
139.It Bq Er PAM_AUTHINFO_UNAVAIL
140Authentication information is unavailable.
141.It Bq Er PAM_AUTHTOK_DISABLE_AGING
142Authentication token aging disabled.
143.It Bq Er PAM_AUTHTOK_ERR
144Authentication token failure.
145.It Bq Er PAM_AUTHTOK_EXPIRED
146Password has expired.
147.It Bq Er PAM_AUTHTOK_LOCK_BUSY
148Authentication token lock busy.
149.It Bq Er PAM_AUTHTOK_RECOVERY_ERR
150Failed to recover old authentication token.
151.It Bq Er PAM_AUTH_ERR
152Authentication error.
153.It Bq Er PAM_BUF_ERR
154Memory buffer error.
155.It Bq Er PAM_CONV_ERR
156Conversation failure.
157.It Bq Er PAM_CRED_ERR
158Failed to set user credentials.
159.It Bq Er PAM_CRED_EXPIRED
160User credentials have expired.
161.It Bq Er PAM_CRED_INSUFFICIENT
162Insufficient credentials.
163.It Bq Er PAM_CRED_UNAVAIL
164Failed to retrieve user credentials.
165.It Bq Er PAM_DOMAIN_UNKNOWN
166Unknown authentication domain.
167.It Bq Er PAM_IGNORE
168Ignore this module.
169.It Bq Er PAM_MAXTRIES
170Maximum number of tries exceeded.
171.It Bq Er PAM_MODULE_UNKNOWN
172Unknown module type.
173.It Bq Er PAM_NEW_AUTHTOK_REQD
174New authentication token required.
175.It Bq Er PAM_NO_MODULE_DATA
176Module data not found.
177.It Bq Er PAM_OPEN_ERR
178Failed to load module.
179.It Bq Er PAM_PERM_DENIED
180Permission denied.
181.It Bq Er PAM_SERVICE_ERR
182Error in service module.
183.It Bq Er PAM_SESSION_ERR
184Session failure.
185.It Bq Er PAM_SUCCESS
186Success.
187.It Bq Er PAM_SYMBOL_ERR
188Invalid symbol.
189.It Bq Er PAM_SYSTEM_ERR
190System error.
191.It Bq Er PAM_TRY_AGAIN
192Try again.
193.It Bq Er PAM_USER_UNKNOWN
194Unknown user.
195.El
196.Sh SEE ALSO
197.Xr openpam_borrow_cred 3 ,
198.Xr openpam_free_data 3 ,
199.Xr openpam_restore_cred 3 ,
200.Xr pam_acct_mgmt 3 ,
201.Xr pam_authenticate 3 ,
202.Xr pam_chauthtok 3 ,
203.Xr pam_close_session 3 ,
204.Xr pam_end 3 ,
205.Xr pam_error 3 ,
206.Xr pam_get_authtok 3 ,
207.Xr pam_get_data 3 ,
208.Xr pam_get_item 3 ,
209.Xr pam_get_user 3 ,
210.Xr pam_getenv 3 ,
211.Xr pam_getenvlist 3 ,
212.Xr pam_info 3 ,
213.Xr pam_open_session 3 ,
214.Xr pam_prompt 3 ,
215.Xr pam_putenv 3 ,
216.Xr pam_set_data 3 ,
217.Xr pam_set_item 3 ,
218.Xr pam_setcred 3 ,
219.Xr pam_setenv 3 ,
220.Xr pam_start 3 ,
221.Xr pam_strerror 3 ,
222.Xr pam_verror 3 ,
223.Xr pam_vinfo 3 ,
224.Xr pam_vprompt 3 ,
225.Xr pam.conf 5
226.Sh STANDARDS
227.Rs
228.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules"
229.%D "June 1997"
230.Re
231.Sh AUTHORS
232The OpenPAM library and this manual page were developed for the
233FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research
234Division of Network Associates, Inc.  under DARPA/SPAWAR contract
235N66001-01-C-8035
236.Pq Dq CBOSS ,
237as part of the DARPA CHATS research program.
238