path: root/doc/man/pam_open_session.3
diff options
Diffstat (limited to 'doc/man/pam_open_session.3')
1 files changed, 44 insertions, 96 deletions
diff --git a/doc/man/pam_open_session.3 b/doc/man/pam_open_session.3
index 4e63b5c4..ef6d545d 100644
--- a/doc/man/pam_open_session.3
+++ b/doc/man/pam_open_session.3
@@ -1,99 +1,47 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id$
-.\" Copyright (c) Andrew G. Morgan 1997 <>
-.TH PAM_OPEN_SESSION 3 "1997 Jan 4" "Linux-PAM 0.55" "App. Programmers' Manual"
-pam_open/close_session \- PAM session management
-.B #include <security/pam_appl.h>
-.BI "int pam_open_session(pam_handle_t " *pamh ", int " flags ");"
-.BI "int pam_close_session(pam_handle_t " *pamh ", int " flags ");"
-.sp 2
-PAM provides management-hooks for the initialization and termination
-of a session.
+.\" ** You probably do not want to edit this file directly **
+.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
+.\" Instead of manually editing it, you probably should edit the DocBook XML
+.\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
+.TH "PAM_OPEN_SESSION" "3" "02/12/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.\" disable justification (adjust text to left margin only) l
+pam_open_session \- start PAM session management
+\fB#include <security/pam_appl.h>\fR
+.HP 21
+\fBint\ \fBpam_open_session\fR\fR\fB(\fR\fBpam_handle_t\ *\fR\fB\fIpamh\fR\fR\fB, \fR\fBint\ \fR\fB\fIflags\fR\fR\fB);\fR
+function sets up a user session for a previously successful authenticated user. The session should later be terminated with a call to
+It should be noted that the effective uid,
+\fBgeteuid\fR(2). of the application should be of sufficient privilege to perform such tasks as creating or mounting the user's home directory for example.
+The flags argument is the binary or of zero or more of the following values:
-.B pam_open_session
-Use this function to signal that an authenticated user session has
-begun. It should be called only after the user is properly identified
-and (where necessary) has been granted their credentials with
-.BR pam_authenticate "(3)"
-.BR pam_setcred "(3)"
-Some types of functions associated with session
-initialization are logging for the purposes of system-audit and
-mounting directories (the user's home directory for example). These
-should not concern the application. It should be noted that the
-.I effective
-.BR geteuid "(2),"
-of the application should be of sufficient privilege to perform such
+Do not emit any messages.
-.B pam_close_session
-Use this function to signal that a user session has
-terminated. In general this function may not need to be located in the
-same application as the initialization function,
-.BR pam_open_session "."
-Typically, this function will undo the actions of
-.BR pam_open_session "."
-That is, log audit information concerning the end of the user session
-or unmount the user's home directory. Apart from having sufficient
-privilege the details of the session termination should not concern
-the calling application. It is good programming practice, however, to
-cease acting on behalf of the user on returning from this call.
-A successful return from the session management functions will be
-indicated with
-The specific error indicating a failure to open or close a session is
-In general other return values may be returned. They should be treated
-as indicating failure.
-May be translated to text with
-.BR pam_strerror "(3). "
-OSF-RFC 86.0, October 1995.
-.sp 2
-none known.
+General failure.
+Memory buffer error.
+Session failure.
+Session was successful created.
-.BR pam_start "(3), "
-.BR pam_authenticate "(3), "
-.BR pam_setcred "(3), "
-.BR pam_get_item "(3), "
-.BR pam_strerror "(3) "
-.BR pam "(3)."
-Also, see the three
-.BR Linux-PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-.BR "application developers" ". "