NAME
pam_chauthtok —
perform password
related functions within the PAM framework
SYNOPSIS
#include <sys/types.h>
#include <security/pam_appl.h>
int
pam_chauthtok(
pam_handle_t
*pamh,
int flags);
DESCRIPTION
The
pam_chauthtok() function attempts to change the
authentication token for the user associated with the pam context specified by
the
pamh argument.
The
flags argument is the binary or of zero or more of the
following values:
-
-
PAM_SILENT
- Do not emit any messages.
-
-
PAM_CHANGE_EXPIRED_AUTHTOK
- Change only those authentication tokens that have
expired.
If any other bits are set,
pam_chauthtok() will return
PAM_BAD_CONSTANT
.
RETURN VALUES
The
pam_chauthtok() function returns one of the following
values:
-
-
- [
PAM_SUCCESS
]
- Success.
-
-
- [
PAM_ABORT
]
- General failure.
-
-
- [
PAM_AUTHTOK_DISABLE_AGING
]
- Authentication token aging disabled.
-
-
- [
PAM_AUTHTOK_ERR
]
- Authentication token failure.
-
-
- [
PAM_AUTHTOK_LOCK_BUSY
]
- Authentication token lock busy.
-
-
- [
PAM_AUTHTOK_RECOVERY_ERR
]
- Failed to recover old authentication token.
-
-
- [
PAM_BAD_CONSTANT
]
- Bad constant.
-
-
- [
PAM_BUF_ERR
]
- Memory buffer error.
-
-
- [
PAM_CONV_ERR
]
- Conversation failure.
-
-
- [
PAM_PERM_DENIED
]
- Permission denied.
-
-
- [
PAM_SERVICE_ERR
]
- Error in service module.
-
-
- [
PAM_SYSTEM_ERR
]
- System error.
-
-
- [
PAM_TRY_AGAIN
]
- Try again.
SEE ALSO
pam(3),
pam_strerror(3)
STANDARDS
X/Open Single Sign-On Service (XSSO) -
Pluggable Authentication Modules, June
1997.
AUTHORS
The
pam_chauthtok() function and this manual page were
developed for the
FreeBSD Project by ThinkSec AS and
Network Associates Laboratories, the Security Research Division of Network
Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
(“CBOSS”), as part of the DARPA CHATS research program.
The OpenPAM library is maintained by
Dag-Erling
Smørgrav
<
des@des.no>.