PAM_PASSWD_AUTH(7) Standards, Environments, and Macros PAM_PASSWD_AUTH(7)
NAME
pam_passwd_auth - authentication module for password
SYNOPSIS
pam_passwd_auth.so.1DESCRIPTION
pam_passwd_auth provides authentication functionality to the password
service as implemented by
passwd(1). It differs from the standard
PAM authentication modules in its prompting behavior. It should be the first
module on the password service authentication stack.
The name of the user whose password attributes are to be updated must be
present in the
PAM_USER item. This can be accomplished due to a previous
call to
pam_start(3PAM), or explicitly set by
pam_set_item(3PAM). Based
on the current user-id and the repository that is to by updated, the
module determines whether a password is necessary for a successful update
of the password repository, and if so, which password is required.
The following options can be passed to the module:
debug syslog(3C) debugging information at the
LOG_DEBUG level
nowarn Turn off warning messages
server_policy If the account authority for the user, as specified by
PAM_USER, is a server, do not apply the Unix policy from
the passwd entry in the name service switch.
ERRORS
The following error codes are returned:
PAM_BUF_ERR Memory buffer error
PAM_IGNORE Ignore module, not participating in result
PAM_SUCCESS Successfully obtains authentication token
PAM_SYSTEM_ERR System error
ATTRIBUTES
See
attributes(7) for descriptions of the following attributes:
+--------------------+-------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+--------------------+-------------------------+
|Interface Stability | Evolving |
+--------------------+-------------------------+
|MT Level | MT-Safe with exceptions |
+--------------------+-------------------------+
SEE ALSO
passwd(1),
syslog(3C),
libpam(3LIB),
pam(3PAM),
pam_authenticate(3PAM),
pam_set_item(3PAM),
pam_start(3PAM),
pam.conf(5),
attributes(7),
pam_authtok_check(7),
pam_authtok_get(7),
pam_authtok_store(7),
pam_dhkeys(7),
pam_unix_account(7),
pam_unix_auth(7),
pam_unix_session(7)NOTES
The interfaces in
libpam(3LIB) are MT-Safe only if each thread within the
multi-threaded application uses its own PAM handle.
This module relies on the value of the current real
UID, this module is
only safe for MT-applications that don't change
UIDs during the call to
pam_authenticate(3PAM).
The
pam_unix(7) module is no longer supported. Similar functionality is
provided by
pam_authtok_check(7),
pam_authtok_get(7),
pam_authtok_store(7),
pam_dhkeys(7),
pam_passwd_auth(7),
pam_unix_account(7),
pam_unix_auth(7), and
pam_unix_session(7).
August 10, 2002
PAM_PASSWD_AUTH(7)