diff options
Diffstat (limited to 'Linux-PAM/doc/man/pam_chauthtok.3')
| -rw-r--r-- | Linux-PAM/doc/man/pam_chauthtok.3 | 166 |
1 files changed, 69 insertions, 97 deletions
diff --git a/Linux-PAM/doc/man/pam_chauthtok.3 b/Linux-PAM/doc/man/pam_chauthtok.3 index a0466f0f..16c673b5 100644 --- a/Linux-PAM/doc/man/pam_chauthtok.3 +++ b/Linux-PAM/doc/man/pam_chauthtok.3 @@ -1,101 +1,73 @@ -.\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam_chauthtok.3,v 1.1.1.1 2000/06/20 22:10:57 agmorgan Exp $ -.\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net> -.TH PAM_CHAUTHTOK 3 "1997 Jan 4" "Linux-PAM 0.55" "App. Programmers' Manual" -.SH NAME - +.\" Title: pam_chauthtok +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Date: 06/27/2006 +.\" Manual: Linux\-PAM Manual +.\" Source: Linux\-PAM Manual +.\" +.TH "PAM_CHAUTHTOK" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" pam_chauthtok \- updating authentication tokens - -.SH SYNOPSIS -.B #include <security/pam_appl.h> +.SH "SYNOPSIS" .sp -.BI "int pam_chauthtok(pam_handle_t " *pamh ", int " flags ");" -.sp 2 -.SH DESCRIPTION -.B pam_chauthtok - -.br -Use this function to rejuvenate the authentication tokens (passwords -etc.) of an applicant user. - -.br -Note, the application should not pre-authenticate the user, as this is -performed (if required) by the -.BR Linux-PAM -framework. - -.br +.ft B +.nf +#include <security/pam_appl.h> +.fi +.ft +.HP 18 +.BI "int pam_chauthtok(pam_handle_t\ *" "pamh" ", int\ " "flags" ");" +.SH "DESCRIPTION" +.PP The -.I flags -argument can -.I optionally -take the value, -.BR PAM_CHANGE_EXPIRED_AUTHTOK "." -In such cases the framework is only required to update those -authentication tokens that have expired. Without this argument, the -framework will attempt to obtain new tokens for all configured -authentication mechanisms. The details of the types and number of such -schemes should not concern the calling application. - -.SH RETURN VALUE -A successful return from this function will be indicated with -.BR PAM_SUCCESS "." - -.br -Specific errors of special interest when calling this function are - -.br -.BR PAM_AUTHTOK_ERROR -- a valid new token was not obtained - -.br -.BR PAM_AUTHTOK_RECOVERY_ERR -- old authentication token was not available - -.br -.BR PAM_AUTHTOK_LOCK_BUSY -- a resource needed to update the token was locked (try again later) - -.br -.BR PAM_AUTHTOK_DISABLE_AGING -- one or more of the authentication modules does not honor -authentication token aging - -.br -.BR PAM_TRY_AGAIN -- one or more authentication mechanism is not prepared to update a -token at this time - -.br -In general other return values may be returned. They should be treated -as indicating failure. - -.SH ERRORS -May be translated to text with -.BR pam_strerror "(3). " - -.SH "CONFORMING TO" -DCE-RFC 86.0, October 1995. - -.SH BUGS -.sp 2 -none known. - +\fBpam_chauthtok\fR +function is used to change the authentication token for a given user (as indicated by the state associated with the handle +\fIpamh\fR). +.PP +The +\fIpamh\fR +argument is an authentication handle obtained by a prior call to pam_start(). The flags argument is the binary or of zero or more of the following values: +.TP 3n +PAM_SILENT +Do not emit any messages. +.TP 3n +PAM_CHANGE_EXPIRED_AUTHTOK +This argument indicates to the modules that the users authentication token (password) should only be changed if it has expired. If this argument is not passed, the application requires that all authentication tokens are to be changed. +.SH "RETURN VALUES" +.TP 3n +PAM_AUTHTOK_ERR +A module was unable to obtain the new authentication token. +.TP 3n +PAM_AUTHTOK_RECOVERY_ERR +A module was unable to obtain the old authentication token. +.TP 3n +PAM_AUTHTOK_LOCK_BUSY +One or more of the modules was unable to change the authentication token since it is currently locked. +.TP 3n +PAM_AUTHTOK_DISABLE_AGING +Authentication token aging has been disabled for at least one of the modules. +.TP 3n +PAM_PERM_DENIED +Permission denied. +.TP 3n +PAM_SUCCESS +The authentication token was successfully updated. +.TP 3n +PAM_TRY_AGAIN +Not all of the modules were in a position to update the authentication token(s). In such a case none of the user's authentication tokens are updated. +.TP 3n +PAM_USER_UNKNOWN +User unknown to password service. .SH "SEE ALSO" - -.BR pam_start "(3), " -.BR pam_authenticate "(3), " -.BR pam_setcred "(3), " -.BR pam_get_item "(3), " -.BR pam_strerror "(3) " -and -.BR pam "(8)." - -.br -Also, see the three -.BR Linux-PAM -Guides, for -.BR "System administrators" ", " -.BR "module developers" ", " -and -.BR "application developers" ". " +.PP + +\fBpam_start\fR(3), +\fBpam_authenticate\fR(3), +\fBpam_setcred\fR(3), +\fBpam_get_item\fR(3), +\fBpam_strerror\fR(3), +\fBpam\fR(8) |