pam_authtok_store(5)
NAME
pam_authtok_store - password management module
SYNOPSIS
pam_authtok_store.so.1
DESCRIPTION
pam_authtok_store provides functionality to the PAM password
management stack. It provides one function:
pam_sm_chauthtok().
When invoked with flags set to PAM_UPDATE_AUTHTOK, this
module updates the authentication token for the user speci-
fied by PAM_USER.
The authentication token PAM_OLDAUTHTOK can be used to
authenticate the user against repositories that need updat-
ing (NIS, LDAP). After successful updates, the new authenti-
cation token stored in PAM_AUTHTOK is the user's valid pass-
word.
This module honors the PAM_REPOSITORY item, which, if set,
specifies which repository is to be updated. If
PAM_REPOSITORY is unset, it follows the nsswitch.conf(4).
The following option can be passed to the module:
debug syslog(3C) debugging information at the LOG_DEBUG
level
server_policy
If the account authority for the user, as specified by
PAM_USER, is a server, do not encrypt the authentica-
tion token before updating.
ERRORS
PAM_SUCCESS
Successfully obtains authentication token
PAM_SYSTEM_ERR
Fails to get username, service name, old password or
new password, user name null or empty, or password
null.
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Interface Stability | Evolving |
|_____________________________|_____________________________|
| MT Level | MT-Safe with exceptions |
|_____________________________|_____________________________|
SEE ALSO
pam(3PAM), pam_authenticate(3PAM), pam_chauthtok(3PAM),
syslog(3C), libpam(3LIB), pam.conf(4), attributes(5),
pam_authtok_check(5), pam_authtok_get(5), pam_dhkeys(5),
pam_passwd_auth(5), pam_unix(5), pam_unix_account(5),
pam_unix_auth(5), pam_unix_session(5)
NOTES
The interfaces in libpam(3LIB) are MT-Safe only if each
thread within the multi-threaded application uses its own
PAM handle.
The pam_unix(5) module might not be supported in a future
release. Similar functionality is provided by
pam_authtok_check(5), pam_authtok_get(5),
pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5),
pam_unix_account(5), pam_unix_auth(5), and
pam_unix_session(5).
Man(1) output converted with
man2html