NAME

pam_sm_chauthtok — service module implementation for pam_chauthtok

LIBRARY

Pluggable Authentication Module Library (libpam, -lpam)

SYNOPSIS

#include <sys/types.h>
#include <security/pam_appl.h>
#include <security/pam_modules.h>

int
pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv);

DESCRIPTION

The pam_sm_chauthtok() function is the service module's implementation of the pam_chauthtok(3) API function.

When the application calls pam_chauthtok(3), the service function is called twice, first with the PAM_PRELIM_CHECK flag set and then again with the PAM_UPDATE_AUTHTOK flag set.

RETURN VALUES

The pam_sm_chauthtok() function returns one of the following values:

[PAM_ABORT]

General failure.

[PAM_AUTHTOK_DISABLE_AGING]

Authentication token aging disabled.

[PAM_AUTHTOK_ERR]

Authentication token failure.

[PAM_AUTHTOK_LOCK_BUSY]

Authentication token lock busy.

[PAM_AUTHTOK_RECOVERY_ERR]

Failed to recover old authentication token.

[PAM_BUF_ERR]

Memory buffer error.

[PAM_CONV_ERR]

Conversation failure.

[PAM_IGNORE]

Ignore this module.

[PAM_PERM_DENIED]

Permission denied.

[PAM_SERVICE_ERR]

Error in service module.

[PAM_SYSTEM_ERR]

System error.

[PAM_TRY_AGAIN]

Try again.

SEE ALSO

pam(3), pam_chauthtok(3), pam_strerror(3)

STANDARDS

X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules, June 1997.

AUTHORS

The pam_sm_chauthtok() function and this manual page were developed for the FreeBSD Project by ThinkSec AS and Network Associates Laboratories, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS research program.

The OpenPAM library is maintained by Dag-Erling Smørgrav <des@des.no>.