226 lines
6.9 KiB
Groff
226 lines
6.9 KiB
Groff
.\"-
|
|
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
|
.\" All rights reserved.
|
|
.\"
|
|
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
|
.\" NAI Labs, the Security Research Division of Network Associates, Inc.
|
|
.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
|
|
.\" DARPA CHATS research program.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\" 3. The name of the author may not be used to endorse or promote
|
|
.\" products derived from this software without specific prior written
|
|
.\" permission.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
.\" SUCH DAMAGE.
|
|
.\"
|
|
.\" $P4: //depot/projects/openpam/doc/man/pam.3#11 $
|
|
.\"
|
|
.Dd March 7, 2002
|
|
.Dt PAM 3
|
|
.Os
|
|
.Sh NAME
|
|
.Nm pam_acct_mgmt ,
|
|
.Nm pam_authenticate ,
|
|
.Nm pam_chauthtok ,
|
|
.Nm pam_close_session ,
|
|
.Nm pam_end ,
|
|
.Nm pam_error ,
|
|
.Nm pam_get_authtok ,
|
|
.Nm pam_get_data ,
|
|
.Nm pam_get_item ,
|
|
.Nm pam_get_user ,
|
|
.Nm pam_getenv ,
|
|
.Nm pam_getenvlist ,
|
|
.Nm pam_info ,
|
|
.Nm pam_open_session ,
|
|
.Nm pam_prompt ,
|
|
.Nm pam_putenv ,
|
|
.Nm pam_set_data ,
|
|
.Nm pam_set_item ,
|
|
.Nm pam_setcred ,
|
|
.Nm pam_setenv ,
|
|
.Nm pam_start ,
|
|
.Nm pam_strerror ,
|
|
.Nm pam_verror ,
|
|
.Nm pam_vinfo ,
|
|
.Nm pam_vprompt
|
|
.Nd Pluggable Authentication Modules Library
|
|
.Sh LIBRARY
|
|
.Lb libpam
|
|
.Sh SYNOPSIS
|
|
.In security/pam_appl.h
|
|
.Ft int
|
|
.Fn pam_acct_mgmt "pam_handle_t *pamh" "int flags"
|
|
.Ft int
|
|
.Fn pam_authenticate "pam_handle_t *pamh" "int flags"
|
|
.Ft int
|
|
.Fn pam_chauthtok "pam_handle_t *pamh" "int flags"
|
|
.Ft int
|
|
.Fn pam_close_session "pam_handle_t *pamh" "int flags"
|
|
.Ft int
|
|
.Fn pam_end "pam_handle_t *pamh" "int status"
|
|
.Ft int
|
|
.Fn pam_error "pam_handle_t *pamh" "const char *fmt" "..."
|
|
.Ft int
|
|
.Fn pam_get_authtok "pam_handle_t *pamh" "const char **authtok" "const char *prompt"
|
|
.Ft int
|
|
.Fn pam_get_data "pam_handle_t *pamh" "const char *module_data_name" "const void **data"
|
|
.Ft int
|
|
.Fn pam_get_item "pam_handle_t *pamh" "int item_type" "const void **item"
|
|
.Ft int
|
|
.Fn pam_get_user "pam_handle_t *pamh" "const char **user" "const char *prompt"
|
|
.Ft char *
|
|
.Fn pam_getenv "pam_handle_t *pamh" "const char *name"
|
|
.Ft char **
|
|
.Fn pam_getenvlist "pam_handle_t *pamh"
|
|
.Ft int
|
|
.Fn pam_info "pam_handle_t *pamh" "const char *fmt" "..."
|
|
.Ft int
|
|
.Fn pam_open_session "pam_handle_t *pamh" "int flags"
|
|
.Ft int
|
|
.Fn pam_prompt "pam_handle_t *pamh" "int style" "char **resp" "const char *fmt" "..."
|
|
.Ft int
|
|
.Fn pam_putenv "pam_handle_t *pamh" "const char *namevalue"
|
|
.Ft int
|
|
.Fn pam_set_data "pam_handle_t *pamh" "const char *module_data_name" "void *data" "void (*cleanup)(pam_handle_t *pamh, void *data, int pam_end_status)"
|
|
.Ft int
|
|
.Fn pam_set_item "pam_handle_t *pamh" "int item_type" "const void *item"
|
|
.Ft int
|
|
.Fn pam_setcred "pam_handle_t *pamh" "int flags"
|
|
.Ft int
|
|
.Fn pam_setenv "pam_handle_t *pamh" "const char *name" "const char *value" "int overwrite"
|
|
.Ft int
|
|
.Fn pam_start "const char *service" "const char *user" "const struct pam_conv *pam_conv" "pam_handle_t **pamh"
|
|
.Ft const char *
|
|
.Fn pam_strerror "pam_handle_t *pamh" "int error_number"
|
|
.Ft int
|
|
.Fn pam_verror "pam_handle_t *pamh" "const char *fmt" "va_list ap"
|
|
.Ft int
|
|
.Fn pam_vinfo "pam_handle_t *pamh" "const char *fmt" "va_list ap"
|
|
.Ft int
|
|
.Fn pam_vprompt "pam_handle_t *pamh" "int style" "char **resp" "const char *fmt" "va_list ap"
|
|
.Sh DESCRIPTION
|
|
.Sh RETURN VALUES
|
|
The following return codes are defined in the
|
|
.In security/pam_constants.h
|
|
header:
|
|
.Bl -tag -width 18n
|
|
.It Bq Er PAM_ABORT
|
|
General failure.
|
|
.It Bq Er PAM_ACCT_EXPIRED
|
|
User accound has expired.
|
|
.It Bq Er PAM_AUTHINFO_UNAVAIL
|
|
Authentication information is unavailable.
|
|
.It Bq Er PAM_AUTHTOK_DISABLE_AGING
|
|
Authentication token aging disabled.
|
|
.It Bq Er PAM_AUTHTOK_ERR
|
|
Authentication token failure.
|
|
.It Bq Er PAM_AUTHTOK_EXPIRED
|
|
Password has expired.
|
|
.It Bq Er PAM_AUTHTOK_LOCK_BUSY
|
|
Authentication token lock busy.
|
|
.It Bq Er PAM_AUTHTOK_RECOVERY_ERR
|
|
Failed to recover old authentication token.
|
|
.It Bq Er PAM_AUTH_ERR
|
|
Authentication error.
|
|
.It Bq Er PAM_BUF_ERR
|
|
Memory buffer error.
|
|
.It Bq Er PAM_CONV_ERR
|
|
Conversation failure.
|
|
.It Bq Er PAM_CRED_ERR
|
|
Failed to set user credentials.
|
|
.It Bq Er PAM_CRED_EXPIRED
|
|
User credentials have expired.
|
|
.It Bq Er PAM_CRED_INSUFFICIENT
|
|
Insufficient credentials.
|
|
.It Bq Er PAM_CRED_UNAVAIL
|
|
Failed to retrieve user credentials.
|
|
.It Bq Er PAM_DOMAIN_UNKNOWN
|
|
Unknown authentication domain.
|
|
.It Bq Er PAM_IGNORE
|
|
Ignore this module.
|
|
.It Bq Er PAM_MAXTRIES
|
|
Maximum number of tries exceeded.
|
|
.It Bq Er PAM_MODULE_UNKNOWN
|
|
Unknown module type.
|
|
.It Bq Er PAM_NEW_AUTHTOK_REQD
|
|
New authentication token required.
|
|
.It Bq Er PAM_NO_MODULE_DATA
|
|
Module data not found.
|
|
.It Bq Er PAM_OPEN_ERR
|
|
Failed to load module.
|
|
.It Bq Er PAM_PERM_DENIED
|
|
Permission denied.
|
|
.It Bq Er PAM_SERVICE_ERR
|
|
Error in service module.
|
|
.It Bq Er PAM_SESSION_ERR
|
|
Session failure.
|
|
.It Bq Er PAM_SUCCESS
|
|
Success.
|
|
.It Bq Er PAM_SYMBOL_ERR
|
|
Invalid symbol.
|
|
.It Bq Er PAM_SYSTEM_ERR
|
|
System error.
|
|
.It Bq Er PAM_TRY_AGAIN
|
|
Try again.
|
|
.It Bq Er PAM_USER_UNKNOWN
|
|
Unknown user.
|
|
.El
|
|
.Sh SEE ALSO
|
|
.Xr pam_acct_mgmt 3 ,
|
|
.Xr pam_authenticate 3 ,
|
|
.Xr pam_chauthtok 3 ,
|
|
.Xr pam_close_session 3 ,
|
|
.Xr pam_end 3 ,
|
|
.Xr pam_error 3 ,
|
|
.Xr pam_get_authtok 3 ,
|
|
.Xr pam_get_data 3 ,
|
|
.Xr pam_get_item 3 ,
|
|
.Xr pam_get_user 3 ,
|
|
.Xr pam_getenv 3 ,
|
|
.Xr pam_getenvlist 3 ,
|
|
.Xr pam_info 3 ,
|
|
.Xr pam_open_session 3 ,
|
|
.Xr pam_prompt 3 ,
|
|
.Xr pam_putenv 3 ,
|
|
.Xr pam_set_data 3 ,
|
|
.Xr pam_set_item 3 ,
|
|
.Xr pam_setcred 3 ,
|
|
.Xr pam_setenv 3 ,
|
|
.Xr pam_start 3 ,
|
|
.Xr pam_strerror 3 ,
|
|
.Xr pam_verror 3 ,
|
|
.Xr pam_vinfo 3 ,
|
|
.Xr pam_vprompt 3 ,
|
|
.Xr pam.conf 5
|
|
.Sh STANDARDS
|
|
.Rs
|
|
.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules"
|
|
.%D "June 1997"
|
|
.Re
|
|
.Sh AUTHORS
|
|
The OpenPAM library and this manual page were developed for the
|
|
FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research
|
|
Division of Network Associates, Inc. under DARPA/SPAWAR contract
|
|
N66001-01-C-8035
|
|
.Pq Dq CBOSS ,
|
|
as part of the DARPA CHATS research program.
|