pam_passwd_auth(5)
NAME
pam_passwd_auth - authentication module for password
SYNOPSIS
pam_passwd_auth.so.1
DESCRIPTION
pam_passwd_auth provides authentication functionality to the
password service as implemented by passwd(1). It differs
from the standard PAM authentication modules in its prompt-
ing behavior.
The name of the user whose password attributes are to be
updated must be present in the PAM_USER item. This can be
accomplished due to a previous call to pam_start(3PAM), or
explicitly set by pam_set_item(3PAM). Based on the current
user-id and the repository that is to by updated, the module
determines whether a password is necessary for a successful
update of the password repository, and if so, which password
is required.
The following option can be passed to the module:
debug syslog(3C) debugging information at the LOG_DEBUG
level
nowarn
Turn off warning messages
server_policy
If the account authority for the user, as specified by
PAM_USER, is a server, do not apply the Unix policy
from the passwd entry in the name service switch.
ERRORS
The following error codes are returned:
PAM_BUF_ERR
Memory buffer error
PAM_IGNORE
Ignore module, not participating in result
PAM_SUCCESS
Successfully obtains authentication token
PAM_SYSTEM_ERR
System error
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Interface Stability | Evolving |
|_____________________________|_____________________________|
| MT Level | MT-Safe with exceptions |
|_____________________________|_____________________________|
SEE ALSO
passwd(1), pam(3PAM), pam_authenticate(3PAM),
pam_start(3PAM), pam_set_item(3PAM), syslog(3C),
libpam(3LIB), pam.conf(4), attributes(5),
pam_authtok_check(5), pam_authtok_get(5),
pam_authtok_store(5), pam_dhkeys(5), pam_unix(5),
pam_unix_account(5), pam_unix_auth(5), pam_unix_session(5)
NOTES
The interfaces in libpam(3LIB) are MT-Safe only if each
thread within the multi-threaded application uses its own
PAM handle.
This module relies on the value of the current real UID,
this module is only safe for MT-applications that don't
change UIDs during the call to pam_authenticate(3PAM).
The pam_unix(5) module might not be supported in a future
release. Similar functionality is provided by
pam_authtok_check(5), pam_authtok_get(5),
pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5),
pam_unix_account(5), pam_unix_auth(5), and
pam_unix_session(5).
Man(1) output converted with
man2html