NAME
pam_setcred —
modify / delete user
credentials for an authentication service
SYNOPSIS
#include <sys/types.h>
#include <security/pam_appl.h>
int
pam_setcred(
pam_handle_t
*pamh,
int flags);
DESCRIPTION
The
pam_setcred() function manages the application's
credentials.
The
flags argument is the binary or of zero or more of the
following values:
-
-
PAM_SILENT
- Do not emit any messages.
-
-
PAM_ESTABLISH_CRED
- Establish the credentials of the target user.
-
-
PAM_DELETE_CRED
- Revoke all established credentials.
-
-
PAM_REINITIALIZE_CRED
- Fully reinitialise credentials.
-
-
PAM_REFRESH_CRED
- Refresh credentials.
The latter four are mutually exclusive.
If any other bits are set,
pam_setcred() will return
PAM_BAD_CONSTANT
.
RETURN VALUES
The
pam_setcred() function returns one of the following
values:
-
-
- [
PAM_SUCCESS
]
- Success.
-
-
- [
PAM_ABORT
]
- General failure.
-
-
- [
PAM_BAD_CONSTANT
]
- Bad constant.
-
-
- [
PAM_BUF_ERR
]
- Memory buffer error.
-
-
- [
PAM_CONV_ERR
]
- Conversation failure.
-
-
- [
PAM_CRED_ERR
]
- Failed to set user credentials.
-
-
- [
PAM_CRED_EXPIRED
]
- User credentials have expired.
-
-
- [
PAM_CRED_UNAVAIL
]
- Failed to retrieve user credentials.
-
-
- [
PAM_PERM_DENIED
]
- Permission denied.
-
-
- [
PAM_SERVICE_ERR
]
- Error in service module.
-
-
- [
PAM_SYSTEM_ERR
]
- System error.
-
-
- [
PAM_USER_UNKNOWN
]
- Unknown user.
SEE ALSO
pam(3),
pam_strerror(3)
STANDARDS
X/Open Single Sign-On Service (XSSO) -
Pluggable Authentication Modules, June
1997.
AUTHORS
The
pam_setcred() function and this manual page were developed
for the
FreeBSD Project by ThinkSec AS and Network
Associates Laboratories, the Security Research Division of Network Associates,
Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (“CBOSS”), as
part of the DARPA CHATS research program.
The OpenPAM library is maintained by
Dag-Erling
Smørgrav
<
des@des.no>.