diff options
Diffstat (limited to 'Linux-PAM/doc/man/pam_authenticate.3')
| -rw-r--r-- | Linux-PAM/doc/man/pam_authenticate.3 | 161 |
1 files changed, 73 insertions, 88 deletions
diff --git a/Linux-PAM/doc/man/pam_authenticate.3 b/Linux-PAM/doc/man/pam_authenticate.3 index 7383f5f0..576a7a2c 100644 --- a/Linux-PAM/doc/man/pam_authenticate.3 +++ b/Linux-PAM/doc/man/pam_authenticate.3 @@ -1,91 +1,76 @@ -.\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam_authenticate.3,v 1.1.1.1 2000/06/20 22:10:57 agmorgan Exp $ -.\" Copyright (c) Andrew G. Morgan 1996-7 <morgan@parc.power.net> -.TH PAM_AUTHENTICATE 3 "1996 Dec 9" "Linux-PAM 0.55" "App. Programmers' Manual" -.SH NAME - -pam_authenticate \- authenticate a user - -.SH SYNOPSIS -.B #include <security/pam_appl.h> +.\" Title: pam_authenticate +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Date: 06/27/2006 +.\" Manual: Linux\-PAM Manual +.\" Source: Linux\-PAM Manual +.\" +.TH "PAM_AUTHENTICATE" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" +pam_authenticate \- account authentication +.SH "SYNOPSIS" .sp -.BI "int pam_authenticate(pam_handle_t " *pamh ", int " flags ");" -.sp 2 -.SH DESCRIPTION -.B pam_authenticate - -.br -Use this function to authenticate an applicant user. It is linked -.I dynamically -to the authentication modules by -.BR Linux-PAM ". " -It is the task of these module to perform such an authentication. The -specific nature of the authentication is not the concern of the -application. - -.br -Following successful completion, the -.BR name -of the authenticated user will be present in the -.BR Linux-PAM -item -.BR PAM_USER ". " -This item may be recovered with a call to -.BR pam_get_item "(3)." - -.br -The application developer should note that the modules may request -that the user enter their username via the conversation mechanism (see -.BR pam_start "(3))." -Should this be the case, the user-prompt string can be set via -the -.BR PAM_USER_PROMPT -item (see -.BR pam_set_item "(3))." - -.SH "RETURN VALUE" -On success -.BR PAM_SUCCESS -is returned. All other returns should be considered -authentication failures and will be -.I delayed -by an amount specified with prior calls to -.BR pam_fail_delay "(3). " -Specific failures that demand special attention are the following: -.TP -.B PAM_ABORT -the application should exit immediately. Of course, -.BR pam_end "(3)" -should be called first. - -.TP -.B PAM_MAXTRIES -the application has tried too many times to authenticate the -user, authentication should not be attempted again. - -.SH ERRORS -May be translated to text with -.BR pam_strerror "(3). " - -.SH "CONFORMING TO" -DCE-RFC 86.0, October 1995. - -.SH BUGS -.sp 2 -none known. - -.SH "SEE ALSO" - -.BR pam_start "(3), " -.BR pam_get_item "(3) " -.BR pam_fail_delay "(3) " +.ft B +.nf +#include <security/pam_appl.h> +.fi +.ft +.HP 21 +.BI "int pam_authenticate(pam_handle_t\ *" "pamh" ", int\ " "flags" ");" +.SH "DESCRIPTION" +.PP +The +\fBpam_authenticate\fR +function is used to authenticate the user. The user is required to provide an authentication token depending upon the authentication service, usually this is a password, but could also be a finger print. +.PP +The PAM service module may request that the user enter their username vio the the conversation mechanism (see +\fBpam_start\fR(3) and -.BR pam_strerror "(3). " +\fBpam_conv\fR(3)). The name of the authenticated user will be present in the PAM item PAM_USER. This item may be recovered with a call to +\fBpam_get_item\fR(3). +.PP +The +\fIpamh\fR +argument is an authentication handle obtained by a prior call to pam_start(). The flags argument is the binary or of zero or more of the following values: +.TP 3n +PAM_SILENT +Do not emit any messages. +.TP 3n +PAM_DISALLOW_NULL_AUTHTOK +The PAM module service should return PAM_AUTH_ERR if the user does not have a registered authentication token. +.SH "RETURN VALUES" +.TP 3n +PAM_ABORT +The application should exit immediately after calling +\fBpam_end\fR(3) +first. +.TP 3n +PAM_AUTH_ERR +The user was not authenticated. +.TP 3n +PAM_CRED_INSUFFICIENT +For some reason the application does not have sufficient credentials to authenticate the user. +.TP 3n +PAM_AUTHINFO_UNVAIL +The modules were not able to access the authentication information. This might be due to a network or hardware failure etc. +.TP 3n +PAM_MAXTRIES +One or more of the authentication modules has reached its limit of tries authenticating the user. Do not try again. +.TP 3n +PAM_SUCCESS +The user was successfully authenticated. +.TP 3n +PAM_USER_UNKNOWN +User unknown to authentication service. +.SH "SEE ALSO" +.PP -Also, see the three -.BR Linux-PAM -Guides, for -.BR "System administrators" ", " -.BR "module developers" ", " -and -.BR "application developers" ". " +\fBpam_start\fR(3), +\fBpam_setcred\fR(3), +\fBpam_chauthtok\fR(3), +\fBpam_strerror\fR(3), +\fBpam\fR(8) |