1PAM_SETCRED(3) Linux-PAM Manual PAM_SETCRED(3)
2
6 pam_setcred - establish / delete user credentials
7
9 #include <security/pam_appl.h>
10 int pam_setcred(pam_handle_t *pamh, int flags);
12
14 The pam_setcred function is used to establish, maintain and delete the
15 credentials of a user. It should be called after a user has been
16 authenticated and before a session is opened for the user (with
17 pam_open_session(3)).
18 A credential is something that the user possesses. It is some property,
20 such as a Kerberos ticket, or a supplementary group membership that
21 make up the uniqueness of a given user. On a Linux system the user's
22 UID and GID's are credentials too. However, it has been decided that
23 these properties (along with the default supplementary groups of which
24 the user is a member) are credentials that should be set directly by
25 the application and not by PAM. Such credentials should be established,
26 by the application, prior to a call to this function. For example,
27 initgroups(2) (or equivalent) should have been performed.
28 Valid flags, any one of which, may be logically OR'd with PAM_SILENT,
30 are:
31 PAM_ESTABLISH_CRED
33 Initialize the credentials for the user.
34 PAM_DELETE_CRED
36 Delete the user's credentials.
37 PAM_REINITIALIZE_CRED
39 Fully reinitialize the user's credentials.
40 PAM_REFRESH_CRED
42 Extend the lifetime of the existing credentials.
43
45 PAM_BUF_ERR
46 Memory buffer error.
47 PAM_CRED_ERR
49 Failed to set user credentials.
50 PAM_CRED_EXPIRED
52 User credentials are expired.
53 PAM_CRED_UNAVAIL
55 Failed to retrieve user credentials.
56 PAM_SUCCESS
58 Data was successful stored.
59 PAM_SYSTEM_ERR
61 A NULL pointer was submitted as PAM handle, the function was called
62 by a module or another system error occured.
63 PAM_USER_UNKNOWN
65 User is not known to an authentication module.
66
68 pam_authenticate(3), pam_open_session(3), pam_strerror(3)
69Linux-PAM Manual 06/27/2006 PAM_SETCRED(3)