.\" ** You probably do not want to edit this file directly ** .\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). .\" Instead of manually editing it, you probably should edit the DocBook XML .\" source for it and then use the DocBook XSL Stylesheets to regenerate it. .TH "PAM_SETCRED" "3" "02/12/2006" "Linux\-PAM Manual" "Linux\-PAM Manual" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .SH "NAME" pam_setcred \- establish / delete user credentials .SH "SYNOPSIS" .PP \fB#include \fR .HP 16 \fBint\ \fBpam_setcred\fR\fR\fB(\fR\fBpam_handle_t\ *\fR\fB\fIpamh\fR\fR\fB, \fR\fBint\ \fR\fB\fIflags\fR\fR\fB);\fR .SH "DESCRIPTION" .PP The \fBpam_setcred\fR function is used to establish, maintain and delete the credentials of a user. It should be called after a user has been authenticated and before a session is opened for the user (with \fBpam_open_session\fR(3)). .PP A credential is something that the user possesses. It is some property, such as a \fIKerberos\fR ticket, or a supplementary group membership that make up the uniqueness of a given user. On a Linux system the user's \fIUID\fR and \fIGID\fR's are credentials too. However, it has been decided that these properties (along with the default supplementary groups of which the user is a member) are credentials that should be set directly by the application and not by PAM. Such credentials should be established, by the application, prior to a call to this function. For example, \fBinitgroups\fR(2) (or equivalent) should have been performed. .PP Valid \fIflags\fR, any one of which, may be logically OR'd with \fBPAM_SILENT\fR, are: .TP PAM_ESTABLISH_CRED Initialize the credentials for the user. .TP PAM_DELETE_CRED Delete the user's credentials. .TP PAM_REINITIALIZE_CRED Fully reinitialize the user's credentials. .TP PAM_REFRESH_CRED Extend the lifetime of the existing credentials. .SH "RETURN VALUE" .TP PAM_BUF_ERR Memory buffer error. .TP PAM_CRED_ERR Failed to set user credentials. .TP PAM_CRED_EXPIRED User credentials are expired. .TP PAM_CRED_UNAVAIL Failed to retrieve user credentials. .TP PAM_SUCCESS Data was successful stored. .TP PAM_SYSTEM_ERR A NULL pointer was submitted as PAM handle, the function was called by a module or another system error occured. .TP PAM_USER_UNKNOWN User is not known to an authentication module. .SH "SEE ALSO" .PP \fBpam_authenticate\fR(3), \fBpam_open_session\fR(3), \fBpam_strerror\fR(3)