xref: /illumos-gate/usr/src/man/man3pam/pam_sm_open_session.3pam (revision b8052df9f609edb713f6828c9eecc3d7be19dfb3)
te
Copyright (c) 1998, Sun Microsystems, Inc. All Rights Reserved
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
PAM_SM_OPEN_SESSION 3PAM "June 20, 2021"
NAME
pam_sm_open_session, pam_sm_close_session - service provider implementation for pam_open_session and pam_close_session
SYNOPSIS
cc [ flag ... ] file ... -lpam [ library ... ]
#include <security/pam_appl.h>
#include <security/pam_modules.h>



int pam_sm_open_session(pam_handle_t *pamh, int flags,
 int argc, const char **argv);

int pam_sm_close_session(pam_handle_t *pamh, int flags,
 int argc, const char **argv);
DESCRIPTION
In response to a call to pam_open_session(3PAM) and pam_close_session(3PAM), the PAM framework calls pam_sm_open_session() and pam_sm_close_session(), respectively from the modules listed in the pam.conf(5) file. The session management provider supplies the back-end functionality for this interface function.

The pam_sm_open_session() function is called to initiate session management. The pam_sm_close_session() function is invoked when a session has terminated. The argument pamh is an authentication handle. The following flag may be set in the flags field: PAM_SILENT

Session service should not generate any messages.

The argc argument represents the number of module options passed in from the configuration file pam.conf(5). argv specifies the module options, which are interpreted and processed by the session management service. If an unknown option is passed in, an error should be logged through syslog(3C) and the option ignored.

RETURN VALUES
Upon successful completion, PAM_SUCCESS should be returned. The following values may also be returned upon error: PAM_SESSION_ERR

Cannot make or remove an entry for the specified session.

PAM_IGNORE

Ignore underlying session module regardless of whether the control flag is required, optional or sufficient.

ATTRIBUTES
See attributes(7) for description of the following attributes:
ATTRIBUTE TYPE ATTRIBUTE VALUE
Interface Stability Stable
MT-Level MT-Safe with exceptions
SEE ALSO
syslog (3C), libpam (3LIB), pam (3PAM), pam_open_session (3PAM), pam.conf (5), attributes (7)
NOTES
The interfaces in libpam are MT-Safe only if each thread within the multithreaded application uses its own PAM handle.