pam_get_item man page on SmartOS

Man page or keyword search:  
man Server   16655 pages
apropos Keyword Search (all sections)
Output format
SmartOS logo
[printable version]


       pam_set_item,  pam_get_item  -  authentication information routines for

       cc [ flag ... ] file ... -lpam [ library ... ]
       #include <security/pam_appl.h>

       int pam_set_item(pam_handle_t *pamh, int item_type,
	    const void *item);

       int pam_get_item(const pam_handle_t *pamh, int item_type,
	    void **item);

       The pam_get_item() and pam_set_item() functions allow applications  and
       PAM  service modules to access and to update PAM information as needed.
       The information is specified by item_type, and can be one of  the  fol‐

			  The  authenticated user name.	 Applications that are
			  trusted to correctly identify the authenticated user
			  should set this item to the authenticated user name.
			  See NOTES and pam_unix_cred(5).

			  The user authentication token.

			  The  pam_conv structure.

			  The old user authentication token.

			  A semicolon-separated list of key=value  pairs  that
			  represent  the set of resource controls for applica‐
			  tion by pam_setcred(3PAM) or pam_open_session(3PAM).
			  See  the individual service module definitions, such
			  as pam_unix_cred(5), for interpretations of the keys
			  and values.

			  The remote host name.

			  The rlogin/rsh untrusted remote user name.

			  The service name.

			  The tty name.

			  The user name.

			  The default prompt used by  pam_get_user().

			  The  repository  that	 contains  the	authentication
			  token information.

       The pam_repository structure is defined as:

	 struct pam_repository {
	     char   *type;	 /* Repository type, e.g., files, */
				 /* nis, ldap */
	     void   *scope;	 /* Optional scope information */
	     size_t  scope_len;	 /* length of scope information */

       The item_type PAM_SERVICE can be set only by pam_start() and  is	 read-
       only to both applications and service modules.

       For  security reasons, the item_type PAM_AUTHTOK and PAM_OLDAUTHTOK are
       available only to the  module  providers.  The  authentication  module,
       account	module, and session management module should treat PAM_AUTHTOK
       as the current authentication  token  and  ignore  PAM_OLDAUTHTOK.  The
       password	 management  module should treat PAM_OLDAUTHTOK as the current
       authentication token and PAM_AUTHTOK as the new authentication token.

       The pam_set_item() function is passed the authentication handle,	 pamh,
       returned	 by  pam_start(), a pointer to the object, item, and its type,
       item_type. If successful, pam_set_item() copies the item to an internal
       storage	area  allocated	 by  the   authentication  module  and returns
       PAM_SUCCESS. An item that had been previously set will  be  overwritten
       by the new value.

       The  pam_get_item() function is passed the authentication handle, pamh,
       returned by pam_start(), an item_type, and the address of the  pointer,
       item, which is assigned the address of the requested object. The object
       data is valid until modified by a subsequent call to pam_set_item() for
       the  same  item_type, or unless it is modified by any of the underlying
       service	modules.  If  the  item	  has	not   been   previously	  set,
       pam_get_item()	returns	  a   null  pointer.   An  item	 retrieved  by
       pam_get_item() should not be modified  or  freed.   The	item  will  be
       released by pam_end().

       Upon success, pam_get_item() returns  PAM_SUCCESS; otherwise it returns
       an error code. Refer to pam(3PAM)  for  information  on	error  related
       return values.

       See attributes(5) for description of the following attributes:

       │Interface Stability │  Stable		      │
       │MT-Level	    │ MT-Safe with exceptions │

       The  functions  in  libpam(3LIB) are MT-Safe only if each thread within
       the multithreaded application uses its own PAM handle.

       libpam(3LIB), pam(3PAM),	 pam_acct_mgmt(3PAM),  pam_authenticate(3PAM),
       pam_chauthtok(3PAM),	pam_get_user(3PAM),    pam_open_session(3PAM),
       pam_setcred(3PAM), pam_start(3PAM), attributes(5), pam_unix_cred(5)

       If the PAM_REPOSITORY item_type is set and a service  module  does  not
       recognize  the  type,  the service module does not process any informa‐
       tion, and returns PAM_IGNORE. If the PAM_REPOSITORY  item_type  is  not
       set, a service module performs its default action.

       PAM_AUSER  is  not  intended  as	 a  replacement	 for  PAM_USER.	 It is
       expected to be used to supplement PAM_USER when there is	 an  authenti‐
       cated  user  from  a  source  other  than  pam_authenticate(3PAM). Such
       sources could be sshd host-based authentication, kerberized rlogin, and

				 Oct 31, 2006		    PAM_SET_ITEM(3PAM)

List of man pages available for SmartOS

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net