NAME
pam_authenticate - account authenticationSYNOPSIS
#include <security/pam_appl.h>
int
pam_authenticate(pam_handle_t *pamh,
int flags);
DESCRIPTION
The pam_authenticate function is used to authenticate the user. The user is required to provide an authentication token depending upon the authentication service, usually this is a password, but could also be a finger print. The PAM service module may request that the user enter their username via the conversation mechanism (see pam_start(3) and pam_conv(3)). The name of the authenticated user will be present in the PAM item PAM_USER. This item may be recovered with a call to pam_get_item(3). The pamh argument is an authentication handle obtained by a prior call to pam_start(). The flags argument is the binary or of zero or more of the following values: PAM_SILENTDo not emit any messages.
PAM_DISALLOW_NULL_AUTHTOK
The PAM module service should return
PAM_AUTH_ERR if the user does not have a registered authentication
token.
RETURN VALUES
PAM_ABORTThe application should exit immediately after
calling pam_end(3) first.
PAM_AUTH_ERR
The user was not authenticated.
PAM_CRED_INSUFFICIENT
For some reason the application does not have
sufficient credentials to authenticate the user.
PAM_AUTHINFO_UNAVAIL
The modules were not able to access the
authentication information. This might be due to a network or hardware failure
etc.
PAM_MAXTRIES
One or more of the authentication modules has
reached its limit of tries authenticating the user. Do not try again.
PAM_SUCCESS
The user was successfully authenticated.
PAM_USER_UNKNOWN
User unknown to authentication service.
SEE ALSO
pam_start(3), pam_setcred(3), pam_chauthtok(3), pam_strerror(3), pam(7)09/03/2021 | Linux-PAM Manual |