1.\" The contents of this file are subject to the terms of the Common 2.\" Development and Distribution License (the "License"). You may not use 3.\" this file except in compliance with the License. 4.\" 5.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or 6.\" http://www.opensolaris.org/os/licensing. See the License for the 7.\" specific language governing permissions and limitations under the 8.\" License. 9.\" 10.\" When distributing Covered Code, include this CDDL HEADER in each file 11.\" and include the License file at usr/src/OPENSOLARIS.LICENSE. If 12.\" applicable, add the following below this CDDL HEADER, with the fields 13.\" enclosed by brackets "[]" replaced with your own identifying 14.\" information: Portions Copyright [yyyy] [name of copyright owner] 15.\" 16.\" Copyright (c) 2004, Sun Microsystems, Inc. All Rights Reserved. 17.\" Copyright 2023 OmniOS Community Edition (OmniOSce) Association. 18.\" 19.Dd July 6, 2024 20.Dt LIBPAM 3LIB 21.Os 22.Sh NAME 23.Nm libpam 24.Nd PAM (Pluggable Authentication Module) library 25.Sh LIBRARY 26.Lb libpam 27.Sh SYNOPSIS 28.In security/pam_appl.h 29.Sh DESCRIPTION 30Functions in this library provide routines for the Pluggable Authentication 31Module 32.Pq PAM . 33.Pp 34Various PAM implementations have disagreed on whether certain parts of the 35function signatures for the 36.Fn pam_get_item 37and 38.Fn pam_get_user 39functions, as well as parts of the 40.Vt pam_conv 41structure, used the 42.Sy const 43qualifier. 44Historically illumos did not; however this was changed to align with other 45common implementations 46.Po 47e.g. the Linux PAM project and various *BSDs 48.Pc . 49If necessary the non-const definitions of these types can be selected by 50defining the macro 51.Dv _PAM_LEGACY_NONCONST 52prior to including 53.In security/pam_appl.h . 54.Sh INTERFACES 55The shared object 56.Sy libmap.so.1 57provides the public interfaces defined below. 58See 59.Xr Intro 3 60for additional information on shared object interfaces. 61.Bl -column -offset indent "pam_close_session" "pam_close_session" 62.It Sy pam_acct_mgmt Ta Sy pam_authenticate 63.It Sy pam_chauthtok Ta Sy pam_close_session 64.It Sy pam_end Ta Sy pam_get_data 65.It Sy pam_get_item Ta Sy pam_get_user 66.It Sy pam_getenv Ta Sy pam_getenvlist 67.It Sy pam_open_session Ta Sy pam_putenv 68.It Sy pam_set_data Ta Sy pam_set_item 69.It Sy pam_setcred Ta Sy pam_start 70.It Sy pam_strerror Ta 71.El 72.Sh FILES 73.Bl -tag -width Ds 74.It Pa /lib/libpam.so.1 7532-bit shared object 76.It Pa /lib/64/libpam.so.1 7764-bit shared object 78.It Pa /etc/pam.conf 79configuration file 80.It Pa /usr/lib/security/pam_dial_auth.so.1 81authentication management PAM module for dialups 82.It Pa /usr/lib/security/pam_rhosts_auth.so.1 83authentication management PAM modules that use 84.Fn ruserok 85.It Pa /usr/lib/security/pam_sample.so.1 86sample PAM module 87.El 88.Sh INTERFACE STABILITY 89.Sy Committed 90.Sh MT-LEVEL 91.Sy MT-Safe-with-exceptions 92.Sh SEE ALSO 93.Xr pvs 1 , 94.Xr Intro 3 , 95.Xr pam 3PAM , 96.Xr pam.conf 5 , 97.Xr attributes 7 , 98.Xr pam_authtok_check 7 , 99.Xr pam_authtok_get 7 , 100.Xr pam_authtok_store 7 , 101.Xr pam_dhkeys 7 , 102.Xr pam_dial_auth 7 , 103.Xr pam_passwd_auth 7 , 104.Xr pam_rhosts_auth 7 , 105.Xr pam_sample 7 , 106.Xr pam_unix_account 7 , 107.Xr pam_unix_auth 7 , 108.Xr pam_unix_session 7 109.Sh NOTES 110The functions in 111.Nm 112are MT-Safe only if each thread within the multithreaded application uses its 113own PAM handle. 114.Pp 115The 116.Sy pam_unix 117module is no longer supported. 118Similar functionality is provided by 119.Xr pam_authtok_check 7 , 120.Xr pam_authtok_get 7 , 121.Xr pam_authtok_store 7 , 122.Xr pam_dhkeys 7 , 123.Xr pam_passwd_auth 7 , 124.Xr pam_unix_account 7 , 125.Xr pam_unix_auth 7 , 126and 127.Xr pam_unix_session 7 . 128