unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (SunOS-5.10)
Page:
Section:
Apropos / Subsearch:
optional field

pam_authtok_store(5)  Standards, Environments, and Macros pam_authtok_store(5)



NAME
       pam_authtok_store - password management module

SYNOPSIS
       pam_authtok_store.so.1

DESCRIPTION
       pam_authtok_store provides functionality to the PAM password management
       stack. It provides one function: pam_sm_chauthtok().

       When invoked with flags set to PAM_UPDATE_AUTHTOK, this module  updates
       the authentication token for the user specified by PAM_USER.

       The authentication token PAM_OLDAUTHTOK can be used to authenticate the
       user against repositories that need updating (NIS,  LDAP).  After  suc-
       cessful  updates, the new authentication token stored in PAM_AUTHTOK is
       the user's valid password.

       This module honors the PAM_REPOSITORY item, which,  if  set,  specifies
       which  repository is to be updated. If PAM_REPOSITORY is unset, it fol-
       lows the nsswitch.conf(4).

       The following option can be passed to the module:

       debug           syslog(3C) debugging information at the LOG_DEBUG level



       server_policy   If the account authority for the user, as specified  by
                       PAM_USER,  is  a server, do not encrypt the authentica-
                       tion token before updating.



ERRORS
       PAM_SUCCESS             Successfully obtains authentication token



       PAM_SYSTEM_ERR          Fails to get username, service name, old  pass-
                               word  or new password, user name null or empty,
                               or password null.



ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:


       tab()    allbox;    cw(2.750000i)|     cw(2.750000i)     lw(2.750000i)|
       lw(2.750000i).  ATTRIBUTE TYPEATTRIBUTE VALUE Interface StabilityEvolv-
       ing MT LevelMT-Safe with exceptions


SEE ALSO
       pam(3PAM),  pam_authenticate(3PAM),  pam_chauthtok(3PAM),   syslog(3C),
       libpam(3LIB),    pam.conf(4),    attributes(5),   pam_authtok_check(5),
       pam_authtok_get(5),         pam_dhkeys(5),          pam_passwd_auth(5),
       pam_unix_account(5), pam_unix_auth(5), pam_unix_session(5)

NOTES
       The  interfaces  in libpam(3LIB) are MT-Safe only if each thread within
       the multi-threaded application uses its own PAM handle.

       The pam_unix(5) module is no longer supported. Similar functionality is
       provided   by   pam_authtok_check(5),   pam_authtok_get(5),   pam_auth-
       tok_store(5), pam_dhkeys(5),  pam_passwd_auth(5),  pam_unix_account(5),
       pam_unix_auth(5), and pam_unix_session(5).

       If  the  PAM_REPOSITORY  item_type is set and a service module does not
       recognize the type, the service module does not  process  any  informa-
       tion,  and  returns PAM_IGNORE.  If the PAM_REPOSITORY item_type is not
       set, a service module performs its default action.



SunOS 5.10                        26 Jan 2004             pam_authtok_store(5)