Section (3) pam_authenticate
DESCRIPTION
The pam_authenticate
function is used to authenticate the user. The user is
required to provide an authentication token depending upon
the authentication service, usually this is a password, but
could also be a finger print.
The PAM service module may request that the user enter their username via the conversation mechanism (see pam_start(3) and pam_conv(3)). The name of the authenticated user will be present in the PAM item PAM_USER. This item may be recovered with a call to pam_get_item(3).
The pamh argument is an authentication handle obtained by a prior call to pam_start(). The flags argument is the binary or of zero or more of the following values:
- PAM_SILENT
-
Do not emit any messages.
- PAM_DISALLOW_NULL_AUTHTOK
-
The PAM module service should return PAM_AUTH_ERR if the user does not have a registered authentication token.
RETURN VALUES
- PAM_ABORT
-
The application should exit immediately after calling pam_end(3) first.
- PAM_AUTH_ERR
-
The user was not authenticated.
- PAM_CRED_INSUFFICIENT
-
For some reason the application does not have sufficient credentials to authenticate the user.
- PAM_AUTHINFO_UNAVAIL
-
The modules were not able to access the authentication information. This might be due to a network or hardware failure etc.
- PAM_MAXTRIES
-
One or more of the authentication modules has reached its limit of tries authenticating the user. Do not try again.
- PAM_SUCCESS
-
The user was successfully authenticated.
- PAM_USER_UNKNOWN
-
User unknown to authentication service.
SEE ALSO
pam_start(3), pam_setcred(3), pam_chauthtok(3), pam_strerror(3), pam(8)
See Linux-PAM copyright notice for more information.
|