xref: /titanic_44/usr/src/man/man3pam/pam_setcred.3pam (revision db8b037b5616a366b7dfdc01ef9552f02f9adfdd)
te
Copyright (c) 2008, Sun Microsystems, Inc. All Rights Reserved.
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
PAM_SETCRED 3PAM "Jan 10, 2008"
NAME
pam_setcred - modify or delete user credentials for an authentication service
SYNOPSIS

cc [ flag ... ] file ... -lpam [ library ... ]
#include <security/pam_appl.h>



int pam_setcred(pam_handle_t *pamh, int flags);
DESCRIPTION

The pam_setcred() function is used to establish, modify, or delete user credentials. It is typically called after the user has been authenticated and after a session has been validated. See pam_authenticate(3PAM) and pam_acct_mgmt(3PAM).

The user is specified by a prior call to pam_start() or pam_set_item(), and is referenced by the authentication handle, pamh. The following flags may be set in the flags field. Note that the first four flags are mutually exclusive: PAM_ESTABLISH_CRED

Set user credentials for an authentication service.

PAM_DELETE_CRED

Delete user credentials associated with an authentication service.

PAM_REINITIALIZE_CRED

Reinitialize user credentials.

PAM_REFRESH_CRED

Extend lifetime of user credentials.

PAM_SILENT

Authentication service should not generate any messages.

If no flag is set, PAM_ESTABLISH_CRED is used as the default.

RETURN VALUES

Upon success, pam_setcred() returns PAM_SUCCESS. In addition to the error return values described in pam(3PAM) the following values may be returned upon error: PAM_CRED_UNAVAIL

Underlying authentication service can not retrieve user credentials unavailable.

PAM_CRED_EXPIRED

User credentials expired.

PAM_USER_UNKNOWN

User unknown to underlying authentication service.

PAM_CRED_ERR

Failure setting user credentials.

ATTRIBUTES

See attributes(5) for description of the following attributes:

ATTRIBUTE TYPE ATTRIBUTE VALUE
Interface Stability Committed
MT-Level MT-Safe with exceptions
SEE ALSO

pam(3PAM), pam_acct_mgmt(3PAM), pam_authenticate(3PAM), pam_set_item(3PAM), pam_start(3PAM), libpam(3LIB), attributes(5)

NOTES

The interfaces in libpam are MT-Safe only if each thread within the multithreaded application uses its own PAM handle.