1PAM_SETCRED(3)                 Linux-PAM Manual                 PAM_SETCRED(3)
2
3
4

NAME

6       pam_setcred - establish / delete user credentials
7

SYNOPSIS

9       #include <security/pam_appl.h>
10
11       int pam_setcred(pam_handle_t *pamh, int flags);
12

DESCRIPTION

14       The pam_setcred function is used to establish, maintain and delete the
15       credentials of a user. It should be called to set the credentials after
16       a user has been authenticated and before a session is opened for the
17       user (with pam_open_session(3)). The credentials should be deleted
18       after the session has been closed (with pam_close_session(3)).
19
20       A credential is something that the user possesses. It is some property,
21       such as a Kerberos ticket, or a supplementary group membership that
22       make up the uniqueness of a given user. On a Linux system the user's
23       UID and GID's are credentials too. However, it has been decided that
24       these properties (along with the default supplementary groups of which
25       the user is a member) are credentials that should be set directly by
26       the application and not by PAM. Such credentials should be established,
27       by the application, prior to a call to this function. For example,
28       initgroups(2) (or equivalent) should have been performed.
29
30       Valid flags, any one of which, may be logically OR'd with PAM_SILENT,
31       are:
32
33       PAM_ESTABLISH_CRED
34           Initialize the credentials for the user.
35
36       PAM_DELETE_CRED
37           Delete the user's credentials.
38
39       PAM_REINITIALIZE_CRED
40           Fully reinitialize the user's credentials.
41
42       PAM_REFRESH_CRED
43           Extend the lifetime of the existing credentials.
44

RETURN VALUES

46       PAM_BUF_ERR
47           Memory buffer error.
48
49       PAM_CRED_ERR
50           Failed to set user credentials.
51
52       PAM_CRED_EXPIRED
53           User credentials are expired.
54
55       PAM_CRED_UNAVAIL
56           Failed to retrieve user credentials.
57
58       PAM_SUCCESS
59           Data was successful stored.
60
61       PAM_SYSTEM_ERR
62           A NULL pointer was submitted as PAM handle, the function was called
63           by a module or another system error occurred.
64
65       PAM_USER_UNKNOWN
66           User is not known to an authentication module.
67

SEE ALSO

69       pam_authenticate(3), pam_open_session(3), pam_close_session(3),
70       pam_strerror(3)
71
72
73
74Linux-PAM Manual                  06/08/2020                    PAM_SETCRED(3)
Impressum