pam_setcred(3) -- Linux man page

 

NAME

pam_setcred - set the credentials for the user

 

SYNOPSIS

#include <security/pam_appl.h>

int pam_setcred(pam_handle_t *pamh, int flags);

 

DESCRIPTION

pam_setcred

This function is used to establish, maintain and delete the credentials of a user. It should be called after a user has been authenticated and before a session is opened for the user (with pam_open_session(3)).

It should be noted that credentials come in many forms. Examples include: group memberships; ticket-files; and Linux-PAM environment variables. For this reason, it is important that the basic identity of the user is established, by the application, prior to a call to this function. For example, the default Linux-PAM environment variables should be set and also initgroups(2) (or equivalent) should have been performed.

 

VALID FLAGS

PAM_ESTABLISH_CRED
initialize the credentials for the user.

PAM_DELETE_CRED
delete the user's credentials.

PAM_REINITIALIZE_CRED
delete and then initialize the user's credentials.

PAM_REFRESH_CRED
extend the lifetime of the existing credentials.

 

RETURN VALUE

On success PAM_SUCCESS is returned, all other return values should be treated as errors.

 

ERRORS

May be translated to text with pam_strerror(3).

 

CONFORMING TO

DCE-RFC 86.0, October 1995.

 

BUGS

none known.

 

SEE ALSO

pam_authenticate(3), pam_strerror(3) and pam_open_session(3).

Also, see the three Linux-PAM Guides, for System administrators, module developers, and application developers.