Content-type: text/html Man page of pam_authtok_store

pam_authtok_store

Section: Standards, Environments, and Macros (5)
Updated: 26 Jan 2004
Index Return to Main Contents
 

NAME

pam_authtok_store - password management module  

SYNOPSIS

pam_authtok_store.so.1
 

DESCRIPTION

pam_authtok_store provides functionality to the PAM password management stack. It provides one function: pam_sm_chauthtok().

When invoked with flags set to PAM_UPDATE_AUTHTOK, this module updates the authentication token for the user specified by PAM_USER.

The authentication token PAM_OLDAUTHTOK can be used to authenticate the user against repositories that need updating (NIS, LDAP). After successful updates, the new authentication token stored in PAM_AUTHTOK is the user's valid password.

This module honors the PAM_REPOSITORY item, which, if set, specifies which repository is to be updated. If PAM_REPOSITORY is unset, it follows the nsswitch.conf(4).

The following option can be passed to the module:

debug syslog(3C) debugging information at the LOG_DEBUG level

server_policy If the account authority for the user, as specified by PAM_USER, is a server, do not encrypt the authentication token before updating.

 

ERRORS

PAM_SUCCESS Successfully obtains authentication token

PAM_SYSTEM_ERR Fails to get username, service name, old password or new password, user name null or empty, or password null.

 

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPEATTRIBUTE VALUE
Interface StabilityEvolving
MT LevelMT-Safe with exceptions

 

SEE ALSO

pam(3PAM), pam_authenticate(3PAM), pam_chauthtok(3PAM), syslog(3C), libpam(3LIB), pam.conf(4), attributes(5), pam_authtok_check(5), pam_authtok_get(5), pam_dhkeys(5), pam_passwd_auth(5), pam_unix_account(5), pam_unix_auth(5), pam_unix_session(5)  

NOTES

The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle.

The pam_unix(5) module is no longer supported. Similar functionality is provided by pam_authtok_check(5), pam_authtok_get(5), pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5), pam_unix_account(5), pam_unix_auth(5), and pam_unix_session(5).

If the PAM_REPOSITORY item_type is set and a service module does not recognize the type, the service module does not process any information, and returns PAM_IGNORE. If the PAM_REPOSITORY item_type is not set, a service module performs its default action.


 

Index

NAME
SYNOPSIS
DESCRIPTION
ERRORS
ATTRIBUTES
SEE ALSO
NOTES

This document was created by man2html, using the manual pages.
Time: 02:39:51 GMT, October 02, 2010