pam_setcred(3) — Linux manual page


PAM_SETCRED(3)              Linux-PAM Manual              PAM_SETCRED(3)

NAME         top

       pam_setcred - establish / delete user credentials

SYNOPSIS         top

       #include <security/pam_appl.h>

       int pam_setcred(pam_handle_t *pamh, int flags);

DESCRIPTION         top

       The pam_setcred function is used to establish, maintain and
       delete the credentials of a user. It should be called to set the
       credentials after a user has been authenticated and before a
       session is opened for the user (with pam_open_session(3)). The
       credentials should be deleted after the session has been closed
       (with pam_close_session(3)).

       A credential is something that the user possesses. It is some
       property, such as a Kerberos ticket, or a supplementary group
       membership that make up the uniqueness of a given user. On a
       Linux system the user's UID and GID's are credentials too.
       However, it has been decided that these properties (along with
       the default supplementary groups of which the user is a member)
       are credentials that should be set directly by the application
       and not by PAM. Such credentials should be established, by the
       application, prior to a call to this function. For example,
       initgroups(2) (or equivalent) should have been performed.

       Valid flags, any one of which, may be logically OR'd with
       PAM_SILENT, are:

           Initialize the credentials for the user.

           Delete the user's credentials.

           Fully reinitialize the user's credentials.

           Extend the lifetime of the existing credentials.

RETURN VALUES         top

           Memory buffer error.

           Failed to set user credentials.

           User credentials are expired.

           Failed to retrieve user credentials.

           Data was successful stored.

           A NULL pointer was submitted as PAM handle, the function was
           called by a module or another system error occured.

           User is not known to an authentication module.

SEE ALSO         top

       pam_authenticate(3), pam_open_session(3), pam_close_session(3),

COLOPHON         top

       This page is part of the linux-pam (Pluggable Authentication
       Modules for Linux) project.  Information about the project can be
       found at ⟨⟩.  If you have a bug report
       for this manual page, see ⟨//⟩.  This page was
       obtained from the tarball Linux-PAM-1.3.0.tar.bz2 fetched from
       ⟨⟩ on 2021-08-27.  If you
       discover any rendering problems in this HTML version of the page,
       or you believe there is a better or more up-to-date source for
       the page, or you have corrections or improvements to the
       information in this COLOPHON (which is not part of the original
       manual page), send a mail to

Linux-PAM Manual               04/01/2016                 PAM_SETCRED(3)

Pages that refer to this page: pam(3)pam_authenticate(3)pam_chauthtok(3)pam_sm_setcred(3)pam_filter(8)pam_tally2(8)pam_tally(8)