xref: /titanic_44/usr/src/man/man3pam/pam_get_user.3pam (revision 70f9559bd0c02885d84a425eaafc8c280df10efb)
te
Copyright (c) 1998, Sun Microsystems, Inc. All Rights Reserved
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
PAM_GET_USER 3PAM "Oct 13, 1998"
NAME
pam_get_user - PAM routine to retrieve user name
SYNOPSIS

cc [ flag ... ] file ... -lpam [ library ... ]
#include <security/pam_appl.h>



int pam_get_user(pam_handle_t *pamh, char **user,
 const char *prompt);
DESCRIPTION

The pam_get_user() function is used by PAM service modules to retrieve the current user name from the PAM handle. If the user name has not been set with pam_start() or pam_set_item(), the PAM conversation function will be used to prompt the user for the user name with the string "prompt". If prompt is NULL, then pam_get_item() is called and the value of PAM_USER_PROMPT is used for prompting. If the value of PAM_USER_PROMPT is NULL, the following default prompt is used:

Please enter user name:

After the user name is gathered by the conversation function, pam_set_item() is called to set the value of PAM_USER. By convention, applications that need to prompt for a user name should call pam_set_item() and set the value of PAM_USER_PROMPT before calling pam_authenticate(). The service module's pam_sm_authenticate() function will then call pam_get_user() to prompt for the user name.

Note that certain PAM service modules, such as a smart card module, may override the value of PAM_USER_PROMPT and pass in their own prompt. Applications that call pam_authenticate() multiple times should set the value of PAM_USER to NULL with pam_set_item() before calling pam_authenticate(), if they want the user to be prompted for a new user name each time. The value of user retrieved by pam_get_user() should not be modified or freed. The item will be released by pam_end().

RETURN VALUES

Upon success, pam_get_user() returns PAM_SUCCESS; otherwise it returns an error code. Refer to pam(3PAM) for information on error related return values.

ATTRIBUTES

See attributes(5) for description of the following attributes:

ATTRIBUTE TYPE ATTRIBUTE VALUE
Interface Stability Stable
MT-Level MT-Safe with exceptions
SEE ALSO

pam(3PAM), pam_authenticate(3PAM), pam_end(3PAM), pam_get_item(3PAM), pam_set_item(3PAM), pam_sm(3PAM), pam_sm_authenticate(3PAM), pam_start(3PAM), attributes(5)

NOTES

The interfaces in libpam are MT-Safe only if each thread within the multithreaded application uses its own PAM handle.