Version 1.1.2, 31. August 2010
Abstract
This manual documents what an application developer needs to know
about the Linux-PAM library. It
describes how an application might use the
Linux-PAM library to authenticate
users. In addition it contains a description of the functions
to be found in libpam_misc library, that can
be used in general applications. Finally, it contains some comments
on PAM related security issues for the application developer.
Table of Contents
- 1. Introduction
- 2. Overview
- 3. The public interface to Linux-PAM
- 3.1. What can be expected by the application
- 3.1.1. Initialization of PAM transaction
- 3.1.2. Termination of PAM transaction
- 3.1.3. Setting PAM items
- 3.1.4. Getting PAM items
- 3.1.5. Strings describing PAM error codes
- 3.1.6. Request a delay on failure
- 3.1.7. Authenticating the user
- 3.1.8. Setting user credentials
- 3.1.9. Account validation management
- 3.1.10. Updating authentication tokens
- 3.1.11. Start PAM session management
- 3.1.12. terminating PAM session management
- 3.1.13. Set or change PAM environment variable
- 3.1.14. Get a PAM environment variable
- 3.1.15. Getting the PAM environment
- 3.2. What is expected of an application
- 3.3. Programming notes
- 4. Security issues of Linux-PAM
- 5. A library of miscellaneous helper functions
- 6. Porting legacy applications
- 7. Glossary of PAM related terms
- 8. An example application
- 9. Files
- 10. See also
- 11. Author/acknowledgments
- 12. Copyright information for this document