PAM_SETCRED

NAME
SYNOPSIS
DESCRIPTION
VALID FLAGS
RETURN VALUE
ERRORS
CONFORMING TO
BUGS
SEE ALSO

NAME

pam_setcred − set the credentials for the user

SYNOPSIS

#include <security/pam_appl.h>

int pam_setcred(pam_handle_t *pamh, int flags);

DESCRIPTION

pam_setcred

This function is used to establish, maintain and delete the credentials of a user. It should be called after a user has been authenticated and before a session is opened for the user (with pam_open_session(3)).

It should be noted that credentials come in many forms. Examples include: group memberships; ticket-files; and Linux-PAM environment variables. For this reason, it is important that the basic identity of the user is established, by the application, prior to a call to this function. For example, the default Linux-PAM environment variables should be set and also initgroups(2) (or equivalent) should have been performed.

VALID FLAGS

PAM_ESTABLISH_CRED

initialize the credentials for the user.

PAM_DELETE_CRED

delete the user’s credentials.

PAM_REINITIALIZE_CRED

delete and then initialize the user’s credentials.

PAM_REFRESH_CRED

extend the lifetime of the existing credentials.

RETURN VALUE

On success PAM_SUCCESS is returned, all other return values should be treated as errors.

ERRORS

May be translated to text with pam_strerror(3).

CONFORMING TO

DCE-RFC 86.0, October 1995.

BUGS

none known.

SEE ALSO

pam_authenticate(3), pam_strerror(3) and pam_open_session(3).

Also, see the three Linux-PAM Guides, for System administrators, module developers, and application developers.