pam_passwd_auth(5)




NAME

     pam_passwd_auth - authentication module for password


SYNOPSIS

     pam_passwd_auth.so.1


DESCRIPTION

     pam_passwd_auth provides authentication functionality to the
     password  service  as  implemented  by passwd(1). It differs
     from the standard PAM authentication modules in its  prompt-
     ing behavior.

     The name of the user whose password  attributes  are  to  be
     updated  must  be  present in the PAM_USER item. This can be
     accomplished due to a previous call to  pam_start(3PAM),  or
     explicitly  set  by pam_set_item(3PAM). Based on the current
     user-id and the repository that is to by updated, the module
     determines  whether a password is necessary for a successful
     update of the password repository, and if so, which password
     is required.

     The following option can be passed to the module:

     debug syslog(3C)  debugging  information  at  the  LOG_DEBUG
           level

     nowarn
           Turn off warning messages

     server_policy
           If the account authority for the user, as specified by
           PAM_USER,  is  a  server, do not apply the Unix policy
           from the passwd entry in the name service switch.


ERRORS

     The following error codes are returned:

     PAM_BUF_ERR
           Memory buffer error

     PAM_IGNORE
           Ignore module, not participating in result

     PAM_SUCCESS
           Successfully obtains authentication token

     PAM_SYSTEM_ERR
           System error


ATTRIBUTES

     See attributes(5) for descriptions of the  following  attri-
     butes:
     ____________________________________________________________
    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    |_____________________________|_____________________________|
    | Interface Stability         | Evolving                    |
    |_____________________________|_____________________________|
    | MT Level                    | MT-Safe with exceptions     |
    |_____________________________|_____________________________|


SEE ALSO

     passwd(1),        pam(3PAM),         pam_authenticate(3PAM),
     pam_start(3PAM),       pam_set_item(3PAM),       syslog(3C),
     libpam(3LIB),          pam.conf(4),           attributes(5),
     pam_authtok_check(5),                    pam_authtok_get(5),
     pam_authtok_store(5),      pam_dhkeys(5),       pam_unix(5),
     pam_unix_account(5), pam_unix_auth(5), pam_unix_session(5)


NOTES

     The interfaces in libpam(3LIB)  are  MT-Safe  only  if  each
     thread  within  the  multi-threaded application uses its own
     PAM handle.

     This module relies on the value of  the  current  real  UID,
     this  module  is  only  safe  for MT-applications that don't
     change UIDs during the call to pam_authenticate(3PAM).

     The pam_unix(5) module might not be supported  in  a  future
     release.    Similar    functionality    is    provided    by
     pam_authtok_check(5),                    pam_authtok_get(5),
     pam_authtok_store(5),   pam_dhkeys(5),   pam_passwd_auth(5),
     pam_unix_account(5),          pam_unix_auth(5),          and
     pam_unix_session(5).


Man(1) output converted with man2html