diff options
Diffstat (limited to 'contrib/openpam/doc/man')
37 files changed, 1620 insertions, 197 deletions
diff --git a/contrib/openpam/doc/man/Makefile b/contrib/openpam/doc/man/Makefile index f63e24824575..4003d2c845ca 100644 --- a/contrib/openpam/doc/man/Makefile +++ b/contrib/openpam/doc/man/Makefile @@ -35,6 +35,10 @@ # MAN = +MAN += openpam_get_option.3 +MAN += openpam_log.3 +MAN += openpam_set_option.3 +MAN += openpam_ttyconv.3 MAN += pam.3 MAN += pam_acct_mgmt.3 MAN += pam_authenticate.3 @@ -56,10 +60,19 @@ MAN += pam_set_data.3 MAN += pam_set_item.3 MAN += pam_setcred.3 MAN += pam_setenv.3 +MAN += pam_sm_acct_mgmt.3 +MAN += pam_sm_authenticate.3 +MAN += pam_sm_chauthtok.3 +MAN += pam_sm_close_session.3 +MAN += pam_sm_open_session.3 +MAN += pam_sm_setcred.3 MAN += pam_start.3 MAN += pam_strerror.3 MAN += pam_verror.3 MAN += pam_vinfo.3 MAN += pam_vprompt.3 +generate: + (cd ${.CURDIR} && perl -w ../../misc/gendoc.pl ../../lib/*.c >pam.3) + .include <bsd.prog.mk> diff --git a/contrib/openpam/doc/man/openpam_get_option.3 b/contrib/openpam/doc/man/openpam_get_option.3 new file mode 100644 index 000000000000..2fd26b5d6688 --- /dev/null +++ b/contrib/openpam/doc/man/openpam_get_option.3 @@ -0,0 +1,74 @@ +.\"- +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. +.\" All rights reserved. +.\" +.\" This software was developed for the FreeBSD Project by ThinkSec AS and +.\" NAI Labs, the Security Research Division of Network Associates, Inc. +.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the +.\" DARPA CHATS research program. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd February 22, 2002 +.Dt OPENPAM_GET_OPTION 3 +.Os +.Sh NAME +.Nm openpam_get_option +.Nd returns the value of a module option +.Sh LIBRARY +.Lb libpam +.Sh SYNOPSIS +.In security/pam_appl.h +.Ft const char * +.Fn openpam_get_option "pam_handle_t *pamh" "const char *option" +.Sh DESCRIPTION +The +.Nm +function returns the value of the specified +option in the context of the currently executing service module, or +.Dv NULL +if the option is not set or no module is currently executing. +.Sh RETURN VALUES +The +.Nm +function returns +.Dv NULL +on failure. +.Sh SEE ALSO +.Xr pam 3 +.Sh STANDARDS +The +.Nm +function is an OpenPAM extension. +.Sh AUTHORS +The +.Nm +function and this manual page were developed for the FreeBSD Project +by ThinkSec AS and NAI Labs, the Security Research Division of Network +Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.Pq Dq CBOSS , +as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/openpam_log.3 b/contrib/openpam/doc/man/openpam_log.3 new file mode 100644 index 000000000000..c5f07e69a3da --- /dev/null +++ b/contrib/openpam/doc/man/openpam_log.3 @@ -0,0 +1,63 @@ +.\"- +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. +.\" All rights reserved. +.\" +.\" This software was developed for the FreeBSD Project by ThinkSec AS and +.\" NAI Labs, the Security Research Division of Network Associates, Inc. +.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the +.\" DARPA CHATS research program. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd February 22, 2002 +.Dt OPENPAM_LOG 3 +.Os +.Sh NAME +.Nm openpam_log +.Nd it). Do the next best thing +.Sh LIBRARY +.Lb libpam +.Sh SYNOPSIS +.In security/pam_appl.h +.Ft void +.Fn openpam_log "int level" "const char *fmt" "..." +.Sh DESCRIPTION +No description available. +.Sh SEE ALSO +.Xr pam 3 +.Sh STANDARDS +The +.Nm +function is an OpenPAM extension. +.Sh AUTHORS +The +.Nm +function and this manual page were developed for the FreeBSD Project +by ThinkSec AS and NAI Labs, the Security Research Division of Network +Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.Pq Dq CBOSS , +as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/openpam_set_option.3 b/contrib/openpam/doc/man/openpam_set_option.3 new file mode 100644 index 000000000000..5cb501bdeae9 --- /dev/null +++ b/contrib/openpam/doc/man/openpam_set_option.3 @@ -0,0 +1,77 @@ +.\"- +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. +.\" All rights reserved. +.\" +.\" This software was developed for the FreeBSD Project by ThinkSec AS and +.\" NAI Labs, the Security Research Division of Network Associates, Inc. +.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the +.\" DARPA CHATS research program. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd February 22, 2002 +.Dt OPENPAM_SET_OPTION 3 +.Os +.Sh NAME +.Nm openpam_set_option +.Nd sets the value of a module option +.Sh LIBRARY +.Lb libpam +.Sh SYNOPSIS +.In security/pam_appl.h +.Ft int +.Fn openpam_set_option "pam_handle_t *pamh" "const char *option" "const char *value" +.Sh DESCRIPTION +The +.Nm +function sets the specified option in the +context of the currently executing service module. +.Sh RETURN VALUES +The +.Nm +function returns one of the following values: +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_SYSTEM_ERR +System error. +.El +.Sh SEE ALSO +.Xr pam 3 , +.Xr pam_strerror 3 +.Sh STANDARDS +The +.Nm +function is an OpenPAM extension. +.Sh AUTHORS +The +.Nm +function and this manual page were developed for the FreeBSD Project +by ThinkSec AS and NAI Labs, the Security Research Division of Network +Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.Pq Dq CBOSS , +as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/openpam_ttyconv.3 b/contrib/openpam/doc/man/openpam_ttyconv.3 new file mode 100644 index 000000000000..275e0ad50a16 --- /dev/null +++ b/contrib/openpam/doc/man/openpam_ttyconv.3 @@ -0,0 +1,76 @@ +.\"- +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. +.\" All rights reserved. +.\" +.\" This software was developed for the FreeBSD Project by ThinkSec AS and +.\" NAI Labs, the Security Research Division of Network Associates, Inc. +.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the +.\" DARPA CHATS research program. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd February 22, 2002 +.Dt OPENPAM_TTYCONV 3 +.Os +.Sh NAME +.Nm openpam_ttyconv +.Nd simple tty-based conversation function +.Sh LIBRARY +.Lb libpam +.Sh SYNOPSIS +.In security/pam_appl.h +.Ft int +.Fn openpam_ttyconv "int n" "const struct pam_message **msg" "struct pam_response **resp" "void *data" +.Sh DESCRIPTION +No description available. +.Sh RETURN VALUES +The +.Nm +function returns one of the following values: +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_SYSTEM_ERR +System error. +.El +.Sh SEE ALSO +.Xr pam 3 , +.Xr pam_strerror 3 +.Sh STANDARDS +The +.Nm +function is an OpenPAM extension. +.Sh AUTHORS +The +.Nm +function and this manual page were developed for the FreeBSD Project +by ThinkSec AS and NAI Labs, the Security Research Division of Network +Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.Pq Dq CBOSS , +as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam.3 b/contrib/openpam/doc/man/pam.3 index 02141b1f418d..9d4580d56ce6 100644 --- a/contrib/openpam/doc/man/pam.3 +++ b/contrib/openpam/doc/man/pam.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM 3 .Os .Sh NAME @@ -82,7 +82,7 @@ .Ft int .Fn pam_get_authtok "pam_handle_t *pamh" "const char **authtok" "const char *prompt" .Ft int -.Fn pam_get_data "pam_handle_t *pamh" "const char *module_data_name" "void **data" +.Fn pam_get_data "pam_handle_t *pamh" "const char *module_data_name" "const void **data" .Ft int .Fn pam_get_item "pam_handle_t *pamh" "int item_type" "const void **item" .Ft int @@ -119,6 +119,71 @@ .Fn pam_vprompt "pam_handle_t *pamh" "int style" "char **resp" "const char *fmt" "va_list ap" .Sh DESCRIPTION .Sh RETURN VALUES +The following return codes are defined in the +.In security/pam_constants.h +header: +.Bl -tag -width 18n +.It Bq Er PAM_ABORT +General failure. +.It Bq Er PAM_ACCT_EXPIRED +User accound has expired. +.It Bq Er PAM_AUTHINFO_UNAVAIL +Authentication information is unavailable. +.It Bq Er PAM_AUTHTOK_DISABLE_AGING +Authentication token aging disabled. +.It Bq Er PAM_AUTHTOK_ERR +Authentication token failure. +.It Bq Er PAM_AUTHTOK_EXPIRED +Password has expired. +.It Bq Er PAM_AUTHTOK_LOCK_BUSY +Authentication token lock busy. +.It Bq Er PAM_AUTHTOK_RECOVERY_ERR +Failed to recover old authentication token. +.It Bq Er PAM_AUTH_ERR +Authentication error. +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_CRED_ERR +Failed to set user credentials. +.It Bq Er PAM_CRED_EXPIRED +User credentials have expired. +.It Bq Er PAM_CRED_INSUFFICIENT +Insufficient credentials. +.It Bq Er PAM_CRED_UNAVAIL +Failed to retrieve user credentials. +.It Bq Er PAM_DOMAIN_UNKNOWN +Unknown authentication domain. +.It Bq Er PAM_IGNORE +Ignore this module. +.It Bq Er PAM_MAXTRIES +Maximum number of tries exceeded. +.It Bq Er PAM_MODULE_UNKNOWN +Unknown module type. +.It Bq Er PAM_NEW_AUTHTOK_REQD +New authentication token required. +.It Bq Er PAM_NO_MODULE_DATA +Module data not found. +.It Bq Er PAM_OPEN_ERR +Failed to load module. +.It Bq Er PAM_PERM_DENIED +Permission denied. +.It Bq Er PAM_SERVICE_ERR +Error in service module. +.It Bq Er PAM_SESSION_ERR +Session failure. +.It Bq Er PAM_SUCCESS +Success. +.It Bq Er PAM_SYMBOL_ERR +Invalid symbol. +.It Bq Er PAM_SYSTEM_ERR +System error. +.It Bq Er PAM_TRY_AGAIN +Try again. +.It Bq Er PAM_USER_UNKNOWN +Unknown user. +.El .Sh SEE ALSO .Xr pam_acct_mgmt 3 , .Xr pam_authenticate 3 , diff --git a/contrib/openpam/doc/man/pam_acct_mgmt.3 b/contrib/openpam/doc/man/pam_acct_mgmt.3 index 88b54f6ad19e..3ec445a5217f 100644 --- a/contrib/openpam/doc/man/pam_acct_mgmt.3 +++ b/contrib/openpam/doc/man/pam_acct_mgmt.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_ACCT_MGMT 3 .Os .Sh NAME @@ -46,18 +46,36 @@ .Ft int .Fn pam_acct_mgmt "pam_handle_t *pamh" "int flags" .Sh DESCRIPTION -The -.Nm -function is not yet documented. +No description available. .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_ABORT +General failure. +.It Bq Er PAM_ACCT_EXPIRED +User accound has expired. +.It Bq Er PAM_AUTH_ERR +Authentication error. +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_NEW_AUTHTOK_REQD +New authentication token required. +.It Bq Er PAM_PERM_DENIED +Permission denied. +.It Bq Er PAM_SERVICE_ERR +Error in service module. +.It Bq Er PAM_SYSTEM_ERR +System error. +.It Bq Er PAM_USER_UNKNOWN +Unknown user. .El .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam 3 , +.Xr pam_strerror 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_authenticate.3 b/contrib/openpam/doc/man/pam_authenticate.3 index 1885376ca17d..137bf05acc4f 100644 --- a/contrib/openpam/doc/man/pam_authenticate.3 +++ b/contrib/openpam/doc/man/pam_authenticate.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_AUTHENTICATE 3 .Os .Sh NAME @@ -46,18 +46,38 @@ .Ft int .Fn pam_authenticate "pam_handle_t *pamh" "int flags" .Sh DESCRIPTION -The -.Nm -function is not yet documented. +No description available. .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_ABORT +General failure. +.It Bq Er PAM_AUTHINFO_UNAVAIL +Authentication information is unavailable. +.It Bq Er PAM_AUTH_ERR +Authentication error. +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_CRED_INSUFFICIENT +Insufficient credentials. +.It Bq Er PAM_MAXTRIES +Maximum number of tries exceeded. +.It Bq Er PAM_PERM_DENIED +Permission denied. +.It Bq Er PAM_SERVICE_ERR +Error in service module. +.It Bq Er PAM_SYSTEM_ERR +System error. +.It Bq Er PAM_USER_UNKNOWN +Unknown user. .El .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam 3 , +.Xr pam_strerror 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_chauthtok.3 b/contrib/openpam/doc/man/pam_chauthtok.3 index a287f3857ca3..9566f01dc971 100644 --- a/contrib/openpam/doc/man/pam_chauthtok.3 +++ b/contrib/openpam/doc/man/pam_chauthtok.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_CHAUTHTOK 3 .Os .Sh NAME @@ -46,18 +46,36 @@ .Ft int .Fn pam_chauthtok "pam_handle_t *pamh" "int flags" .Sh DESCRIPTION -The -.Nm -function is not yet documented. +No description available. .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_ABORT +General failure. +.It Bq Er PAM_AUTHTOK_DISABLE_AGING +Authentication token aging disabled. +.It Bq Er PAM_AUTHTOK_ERR +Authentication token failure. +.It Bq Er PAM_AUTHTOK_LOCK_BUSY +Authentication token lock busy. +.It Bq Er PAM_AUTHTOK_RECOVERY_ERR +Failed to recover old authentication token. +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_PERM_DENIED +Permission denied. +.It Bq Er PAM_SERVICE_ERR +Error in service module. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam 3 , +.Xr pam_strerror 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_close_session.3 b/contrib/openpam/doc/man/pam_close_session.3 index ba91ab3e10f4..ea689b71d683 100644 --- a/contrib/openpam/doc/man/pam_close_session.3 +++ b/contrib/openpam/doc/man/pam_close_session.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_CLOSE_SESSION 3 .Os .Sh NAME @@ -46,18 +46,30 @@ .Ft int .Fn pam_close_session "pam_handle_t *pamh" "int flags" .Sh DESCRIPTION -The -.Nm -function is not yet documented. +No description available. .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_ABORT +General failure. +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_PERM_DENIED +Permission denied. +.It Bq Er PAM_SERVICE_ERR +Error in service module. +.It Bq Er PAM_SESSION_ERR +Session failure. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam 3 , +.Xr pam_strerror 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_end.3 b/contrib/openpam/doc/man/pam_end.3 index 141aa8390f4d..e500697b2878 100644 --- a/contrib/openpam/doc/man/pam_end.3 +++ b/contrib/openpam/doc/man/pam_end.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_END 3 .Os .Sh NAME @@ -48,16 +48,26 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function terminates a PAM transaction and destroys the +corresponding PAM context, releasing all resources allocated to it. +.Pp +The +.Va status +argument should be set to the error code returned by the +last API call before the call to +.Nm +. .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam 3 , +.Xr pam_strerror 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_error.3 b/contrib/openpam/doc/man/pam_error.3 index f0216f1ba20f..8b514aba6fc5 100644 --- a/contrib/openpam/doc/man/pam_error.3 +++ b/contrib/openpam/doc/man/pam_error.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_ERROR 3 .Os .Sh NAME @@ -47,22 +47,32 @@ .Fn pam_error "pam_handle_t *pamh" "const char *fmt" "..." .Sh DESCRIPTION The -.Nm -function is not yet documented. +.Xr pam_info 3 +function displays an error message through the +intermediary of the given PAM context's conversation function. +.Pp .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO +.Xr pam 3 , +.Xr pam_info 3 , +.Xr pam_prompt 3 , .Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam_verror 3 .Sh STANDARDS -.Rs -.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" -.%D "June 1997" -.Re +The +.Nm +function is an OpenPAM extension. .Sh AUTHORS The .Nm diff --git a/contrib/openpam/doc/man/pam_get_authtok.3 b/contrib/openpam/doc/man/pam_get_authtok.3 index 3bfb70d3a4ef..e965173cadb1 100644 --- a/contrib/openpam/doc/man/pam_get_authtok.3 +++ b/contrib/openpam/doc/man/pam_get_authtok.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_GET_AUTHTOK 3 .Os .Sh NAME @@ -46,23 +46,26 @@ .Ft int .Fn pam_get_authtok "pam_handle_t *pamh" "const char **authtok" "const char *prompt" .Sh DESCRIPTION -The -.Nm -function is not yet documented. +No description available. .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam 3 , +.Xr pam_strerror 3 .Sh STANDARDS -.Rs -.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" -.%D "June 1997" -.Re +The +.Nm +function is an OpenPAM extension. .Sh AUTHORS The .Nm diff --git a/contrib/openpam/doc/man/pam_get_data.3 b/contrib/openpam/doc/man/pam_get_data.3 index b622f383f743..779806584305 100644 --- a/contrib/openpam/doc/man/pam_get_data.3 +++ b/contrib/openpam/doc/man/pam_get_data.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_GET_DATA 3 .Os .Sh NAME @@ -44,20 +44,39 @@ .Sh SYNOPSIS .In security/pam_appl.h .Ft int -.Fn pam_get_data "pam_handle_t *pamh" "const char *module_data_name" "void **data" +.Fn pam_get_data "pam_handle_t *pamh" "const char *module_data_name" "const void **data" .Sh DESCRIPTION The .Nm -function is not yet documented. +function looks up the opaque object associated with +the string specified by the +.Va module_data_name +argument, in the PAM +context specified by the +.Va pamh +argument. +A pointer to the object is stored in the location pointed to by the +.Va data +argument. +.Pp +This function and its counterpart +.Xr pam_set_data 3 +are useful for managing +data that are meaningful only to a particular service module. .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_NO_MODULE_DATA +Module data not found. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam 3 , +.Xr pam_set_data 3 , +.Xr pam_strerror 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_get_item.3 b/contrib/openpam/doc/man/pam_get_item.3 index 3f337fd4ca46..2ea942e0873d 100644 --- a/contrib/openpam/doc/man/pam_get_item.3 +++ b/contrib/openpam/doc/man/pam_get_item.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_GET_ITEM 3 .Os .Sh NAME @@ -48,16 +48,64 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function stores a pointer to the item specified by +the +.Va item_type +argument in the location specified by the +.Va item +argument. +The item is retrieved from the PAM context specified by the +.Va pamh +argument. +The following item types are recognized: +.Bl -tag -width 18n +.It Dv PAM_SERVICE +The name of the requesting service. +.It Dv PAM_USER +The name of the user the application is trying to +authenticate. +.It Dv PAM_TTY +The name of the current terminal. +.It Dv PAM_RHOST +The name of the applicant's host. +.It Dv PAM_CONV +A +.Vt struct pam_conv +describing the current conversation +function. +.It Dv PAM_AUTHTOK +The current authentication token. +.It Dv PAM_OLDAUTHTOK +The expired authentication token. +.It Dv PAM_RUSER +The name of the applicant. +.It Dv PAM_USER_PROMPT +The prompt to use when asking the applicant for a user +name to authenticate as. +.It Dv PAM_AUTHTOK_PROMPT +The prompt to use when asking the applicant for an +authentication token. +.El +See +.Xr pam_start 3 +for a description of +.Vt struct pam_conv . +.Pp .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_SYMBOL_ERR +Invalid symbol. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam 3 , +.Xr pam_set_item 3 , +.Xr pam_start 3 , +.Xr pam_strerror 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_get_user.3 b/contrib/openpam/doc/man/pam_get_user.3 index 8d8fa30b57dc..fc2c54f83a47 100644 --- a/contrib/openpam/doc/man/pam_get_user.3 +++ b/contrib/openpam/doc/man/pam_get_user.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_GET_USER 3 .Os .Sh NAME @@ -46,18 +46,22 @@ .Ft int .Fn pam_get_user "pam_handle_t *pamh" "const char **user" "const char *prompt" .Sh DESCRIPTION -The -.Nm -function is not yet documented. +No description available. .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam 3 , +.Xr pam_strerror 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_getenv.3 b/contrib/openpam/doc/man/pam_getenv.3 index dd0359ded611..9d58af13460d 100644 --- a/contrib/openpam/doc/man/pam_getenv.3 +++ b/contrib/openpam/doc/man/pam_getenv.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_GETENV 3 .Os .Sh NAME @@ -48,16 +48,24 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function returns the value of an environment variable. +Its semantics are similar to those of +.Xr getenv 3 , +but it accesses the PAM +context's environment list instead of the application's. +.Pp .Sh RETURN VALUES The -.Fn -function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING -.El +.Nm +function returns +.Dv NULL +on failure. .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr getenv 3 , +.Xr pam 3 , +.Xr pam_getenvlist 3 , +.Xr pam_putenv 3 , +.Xr pam_setenv 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_getenvlist.3 b/contrib/openpam/doc/man/pam_getenvlist.3 index 2fc85e28d61c..cafa10084769 100644 --- a/contrib/openpam/doc/man/pam_getenvlist.3 +++ b/contrib/openpam/doc/man/pam_getenvlist.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_GETENVLIST 3 .Os .Sh NAME @@ -48,16 +48,45 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function returns a copy of the given PAM context's +environment list as a pointer to an array of strings. +The last element in the array is +.Dv NULL . +The pointer is suitable for assignment to +.Va environ . +.Pp +The array and the strings it lists are allocated using +.Xr malloc 3 , +and +should be released using +.Xr free 3 +after use: +.Pp +.Bd -literal + char **envlist, **env; + + envlist = environ; + environ = pam_getenvlist(pamh); + /* do something nifty */ + for (env = environ; *env != NULL; env++) + free(*env); + free(environ); + environ = envlist; + .Sh RETURN VALUES The -.Fn -function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING -.El +.Nm +function returns +.Dv NULL +on failure. .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr environ 7 , +.Xr free 3 , +.Xr malloc 3 , +.Xr pam 3 , +.Xr pam_getenv 3 , +.Xr pam_putenv 3 , +.Xr pam_setenv 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_info.3 b/contrib/openpam/doc/man/pam_info.3 index 573a8a1cb53c..4ea37a7655e3 100644 --- a/contrib/openpam/doc/man/pam_info.3 +++ b/contrib/openpam/doc/man/pam_info.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_INFO 3 .Os .Sh NAME @@ -48,21 +48,31 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function displays an informational message through the +intermediary of the given PAM context's conversation function. +.Pp .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO +.Xr pam 3 , +.Xr pam_error 3 , +.Xr pam_prompt 3 , .Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam_vinfo 3 .Sh STANDARDS -.Rs -.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" -.%D "June 1997" -.Re +The +.Nm +function is an OpenPAM extension. .Sh AUTHORS The .Nm diff --git a/contrib/openpam/doc/man/pam_open_session.3 b/contrib/openpam/doc/man/pam_open_session.3 index 3db2b1663923..130ead24212d 100644 --- a/contrib/openpam/doc/man/pam_open_session.3 +++ b/contrib/openpam/doc/man/pam_open_session.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_OPEN_SESSION 3 .Os .Sh NAME @@ -46,18 +46,30 @@ .Ft int .Fn pam_open_session "pam_handle_t *pamh" "int flags" .Sh DESCRIPTION -The -.Nm -function is not yet documented. +No description available. .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_ABORT +General failure. +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_PERM_DENIED +Permission denied. +.It Bq Er PAM_SERVICE_ERR +Error in service module. +.It Bq Er PAM_SESSION_ERR +Session failure. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam 3 , +.Xr pam_strerror 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_prompt.3 b/contrib/openpam/doc/man/pam_prompt.3 index e3ebef896722..177af78f1e70 100644 --- a/contrib/openpam/doc/man/pam_prompt.3 +++ b/contrib/openpam/doc/man/pam_prompt.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_PROMPT 3 .Os .Sh NAME @@ -48,21 +48,43 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function constructs a message from the specified format +string and arguments and passes it to the given PAM context's +conversation function. +.Pp +A pointer to the response, or +.Dv NULL +if the conversation function did +not return one, is stored in the location pointed to by the +.Va resp +argument. +.Pp +See +.Xr pam_vprompt 3 +for further details. +.Pp .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO +.Xr pam 3 , +.Xr pam_error 3 , +.Xr pam_info 3 , .Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam_vprompt 3 .Sh STANDARDS -.Rs -.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" -.%D "June 1997" -.Re +The +.Nm +function is an OpenPAM extension. .Sh AUTHORS The .Nm diff --git a/contrib/openpam/doc/man/pam_putenv.3 b/contrib/openpam/doc/man/pam_putenv.3 index 7193b96512db..33ba9924ce31 100644 --- a/contrib/openpam/doc/man/pam_putenv.3 +++ b/contrib/openpam/doc/man/pam_putenv.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_PUTENV 3 .Os .Sh NAME @@ -48,16 +48,29 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function sets a environment variable. +Its semantics are similar to those of +.Xr putenv 3 , +but it modifies the PAM +context's environment list instead of the application's. +.Pp .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO +.Xr pam 3 , +.Xr pam_getenv 3 , +.Xr pam_getenvlist 3 , +.Xr pam_setenv 3 , .Xr pam_strerror 3 , -.Xr pam 3 +.Xr putenv 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_set_data.3 b/contrib/openpam/doc/man/pam_set_data.3 index b179cb98e579..811b59a0e1c3 100644 --- a/contrib/openpam/doc/man/pam_set_data.3 +++ b/contrib/openpam/doc/man/pam_set_data.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_SET_DATA 3 .Os .Sh NAME @@ -48,16 +48,40 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function associates a pointer to an opaque object +with an arbitrary string specified by the +.Va module_data_name +argument, +in the PAM context specified by the +.Va pamh +argument. +.Pp +If not +.Dv NULL , +the +.Xr cleanup 3 +argument should point to a function +responsible for releasing the resources associated with the object. +.Pp +This function and its counterpart +.Xr pam_get_data 3 +are useful for managing +data that are meaningful only to a particular service module. .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr cleanup 3 , +.Xr pam 3 , +.Xr pam_get_data 3 , +.Xr pam_strerror 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_set_item.3 b/contrib/openpam/doc/man/pam_set_item.3 index eb4570514695..b6b08e758f68 100644 --- a/contrib/openpam/doc/man/pam_set_item.3 +++ b/contrib/openpam/doc/man/pam_set_item.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_SET_ITEM 3 .Os .Sh NAME @@ -48,16 +48,33 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function sets the item specified by the +.Va item_type +argument to a copy of the object pointed to by the +.Va item +argument. +The item is stored in the PAM context specified by the +.Va pamh +argument. +See +.Xr pam_get_item 3 +for a list of recognized item types. .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_SYMBOL_ERR +Invalid symbol. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam 3 , +.Xr pam_get_item 3 , +.Xr pam_strerror 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_setcred.3 b/contrib/openpam/doc/man/pam_setcred.3 index 65913c55cb21..b41b62bb8322 100644 --- a/contrib/openpam/doc/man/pam_setcred.3 +++ b/contrib/openpam/doc/man/pam_setcred.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_SETCRED 3 .Os .Sh NAME @@ -48,16 +48,48 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function manages the application's credentials. +The operation to perform is specified by the +.Va flags +argument: +.Bl -tag -width 18n +.It PAM_ESTABLISH_CRED +Establish the credentials of the target user. +.It PAM_DELETE_CRED +Revoke all established credentials. +.It PAM_REINITIALISE_CRED +Fully reinitialise credentials. +.It PAM_REFRESH_CRED +Refresh credentials. .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_ABORT +General failure. +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_CRED_ERR +Failed to set user credentials. +.It Bq Er PAM_CRED_EXPIRED +User credentials have expired. +.It Bq Er PAM_CRED_UNAVAIL +Failed to retrieve user credentials. +.It Bq Er PAM_PERM_DENIED +Permission denied. +.It Bq Er PAM_SERVICE_ERR +Error in service module. +.It Bq Er PAM_SYSTEM_ERR +System error. +.It Bq Er PAM_USER_UNKNOWN +Unknown user. .El .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam 3 , +.Xr pam_strerror 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_setenv.3 b/contrib/openpam/doc/man/pam_setenv.3 index c2425e355491..f2bbf2cf59c2 100644 --- a/contrib/openpam/doc/man/pam_setenv.3 +++ b/contrib/openpam/doc/man/pam_setenv.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_SETENV 3 .Os .Sh NAME @@ -48,21 +48,33 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function sets a environment variable. +Its semantics are similar to those of +.Xr setenv 3 , +but it modifies the PAM +context's environment list instead of the application's. +.Pp .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO +.Xr pam 3 , +.Xr pam_getenv 3 , +.Xr pam_getenvlist 3 , +.Xr pam_putenv 3 , .Xr pam_strerror 3 , -.Xr pam 3 +.Xr setenv 3 .Sh STANDARDS -.Rs -.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" -.%D "June 1997" -.Re +The +.Nm +function is an OpenPAM extension. .Sh AUTHORS The .Nm diff --git a/contrib/openpam/doc/man/pam_sm_acct_mgmt.3 b/contrib/openpam/doc/man/pam_sm_acct_mgmt.3 new file mode 100644 index 000000000000..0dcaabab21a0 --- /dev/null +++ b/contrib/openpam/doc/man/pam_sm_acct_mgmt.3 @@ -0,0 +1,100 @@ +.\"- +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. +.\" All rights reserved. +.\" +.\" This software was developed for the FreeBSD Project by ThinkSec AS and +.\" NAI Labs, the Security Research Division of Network Associates, Inc. +.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the +.\" DARPA CHATS research program. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd February 22, 2002 +.Dt PAM_SM_ACCT_MGMT 3 +.Os +.Sh NAME +.Nm pam_sm_acct_mgmt +.Nd service module implementation for pam_acct_mgmt +.Sh LIBRARY +.Lb libpam +.Sh SYNOPSIS +.In security/pam_appl.h +.In security/pam_modules.h +.Ft int +.Fn pam_sm_acct_mgmt "pam_handle_t *pamh" "int flags" "int argc" "const char **argv" +.Sh DESCRIPTION +The +.Nm +function is the service module's implementation +of the +.Xr pam_acct_mgmt 3 +API function. +.Sh RETURN VALUES +The +.Nm +function returns one of the following values: +.Bl -tag -width 18n +.It Bq Er PAM_ABORT +General failure. +.It Bq Er PAM_ACCT_EXPIRED +User accound has expired. +.It Bq Er PAM_AUTH_ERR +Authentication error. +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_IGNORE +Ignore this module. +.It Bq Er PAM_NEW_AUTHTOK_REQD +New authentication token required. +.It Bq Er PAM_PERM_DENIED +Permission denied. +.It Bq Er PAM_SERVICE_ERR +Error in service module. +.It Bq Er PAM_SYSTEM_ERR +System error. +.It Bq Er PAM_USER_UNKNOWN +Unknown user. +.El +.Sh SEE ALSO +.Xr pam 3 , +.Xr pam_acct_mgmt 3 , +.Xr pam_strerror 3 +.Sh STANDARDS +.Rs +.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" +.%D "June 1997" +.Re +.Sh AUTHORS +The +.Nm +function and this manual page were developed for the FreeBSD Project +by ThinkSec AS and NAI Labs, the Security Research Division of Network +Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.Pq Dq CBOSS , +as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_sm_authenticate.3 b/contrib/openpam/doc/man/pam_sm_authenticate.3 new file mode 100644 index 000000000000..f97f49fe57de --- /dev/null +++ b/contrib/openpam/doc/man/pam_sm_authenticate.3 @@ -0,0 +1,102 @@ +.\"- +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. +.\" All rights reserved. +.\" +.\" This software was developed for the FreeBSD Project by ThinkSec AS and +.\" NAI Labs, the Security Research Division of Network Associates, Inc. +.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the +.\" DARPA CHATS research program. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd February 22, 2002 +.Dt PAM_SM_AUTHENTICATE 3 +.Os +.Sh NAME +.Nm pam_sm_authenticate +.Nd service module implementation for pam_authenticate +.Sh LIBRARY +.Lb libpam +.Sh SYNOPSIS +.In security/pam_appl.h +.In security/pam_modules.h +.Ft int +.Fn pam_sm_authenticate "pam_handle_t *pamh" "int flags" "int argc" "const char **argv" +.Sh DESCRIPTION +The +.Nm +function is the service module's +implementation of the +.Xr pam_authenticate 3 +API function. +.Sh RETURN VALUES +The +.Nm +function returns one of the following values: +.Bl -tag -width 18n +.It Bq Er PAM_ABORT +General failure. +.It Bq Er PAM_AUTHINFO_UNAVAIL +Authentication information is unavailable. +.It Bq Er PAM_AUTH_ERR +Authentication error. +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_CRED_INSUFFICIENT +Insufficient credentials. +.It Bq Er PAM_IGNORE +Ignore this module. +.It Bq Er PAM_MAXTRIES +Maximum number of tries exceeded. +.It Bq Er PAM_PERM_DENIED +Permission denied. +.It Bq Er PAM_SERVICE_ERR +Error in service module. +.It Bq Er PAM_SYSTEM_ERR +System error. +.It Bq Er PAM_USER_UNKNOWN +Unknown user. +.El +.Sh SEE ALSO +.Xr pam 3 , +.Xr pam_authenticate 3 , +.Xr pam_strerror 3 +.Sh STANDARDS +.Rs +.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" +.%D "June 1997" +.Re +.Sh AUTHORS +The +.Nm +function and this manual page were developed for the FreeBSD Project +by ThinkSec AS and NAI Labs, the Security Research Division of Network +Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.Pq Dq CBOSS , +as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_sm_chauthtok.3 b/contrib/openpam/doc/man/pam_sm_chauthtok.3 new file mode 100644 index 000000000000..fe580784ad49 --- /dev/null +++ b/contrib/openpam/doc/man/pam_sm_chauthtok.3 @@ -0,0 +1,100 @@ +.\"- +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. +.\" All rights reserved. +.\" +.\" This software was developed for the FreeBSD Project by ThinkSec AS and +.\" NAI Labs, the Security Research Division of Network Associates, Inc. +.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the +.\" DARPA CHATS research program. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd February 22, 2002 +.Dt PAM_SM_CHAUTHTOK 3 +.Os +.Sh NAME +.Nm pam_sm_chauthtok +.Nd service module implementation for pam_chauthtok +.Sh LIBRARY +.Lb libpam +.Sh SYNOPSIS +.In security/pam_appl.h +.In security/pam_modules.h +.Ft int +.Fn pam_sm_chauthtok "pam_handle_t *pamh" "int flags" "int argc" "const char **argv" +.Sh DESCRIPTION +The +.Nm +function is the service module's implementation +of the +.Xr pam_chauthtok 3 +API function. +.Sh RETURN VALUES +The +.Nm +function returns one of the following values: +.Bl -tag -width 18n +.It Bq Er PAM_ABORT +General failure. +.It Bq Er PAM_AUTHTOK_DISABLE_AGING +Authentication token aging disabled. +.It Bq Er PAM_AUTHTOK_ERR +Authentication token failure. +.It Bq Er PAM_AUTHTOK_LOCK_BUSY +Authentication token lock busy. +.It Bq Er PAM_AUTHTOK_RECOVERY_ERR +Failed to recover old authentication token. +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_IGNORE +Ignore this module. +.It Bq Er PAM_PERM_DENIED +Permission denied. +.It Bq Er PAM_SERVICE_ERR +Error in service module. +.It Bq Er PAM_SYSTEM_ERR +System error. +.El +.Sh SEE ALSO +.Xr pam 3 , +.Xr pam_chauthtok 3 , +.Xr pam_strerror 3 +.Sh STANDARDS +.Rs +.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" +.%D "June 1997" +.Re +.Sh AUTHORS +The +.Nm +function and this manual page were developed for the FreeBSD Project +by ThinkSec AS and NAI Labs, the Security Research Division of Network +Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.Pq Dq CBOSS , +as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_sm_close_session.3 b/contrib/openpam/doc/man/pam_sm_close_session.3 new file mode 100644 index 000000000000..4e12e390737d --- /dev/null +++ b/contrib/openpam/doc/man/pam_sm_close_session.3 @@ -0,0 +1,94 @@ +.\"- +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. +.\" All rights reserved. +.\" +.\" This software was developed for the FreeBSD Project by ThinkSec AS and +.\" NAI Labs, the Security Research Division of Network Associates, Inc. +.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the +.\" DARPA CHATS research program. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd February 22, 2002 +.Dt PAM_SM_CLOSE_SESSION 3 +.Os +.Sh NAME +.Nm pam_sm_close_session +.Nd service module implementation for pam_close_session +.Sh LIBRARY +.Lb libpam +.Sh SYNOPSIS +.In security/pam_appl.h +.In security/pam_modules.h +.Ft int +.Fn pam_sm_close_session "pam_handle_t *pamh" "int flags" "int args" "const char **argv" +.Sh DESCRIPTION +The +.Nm +function is the service module's +implementation of the +.Xr pam_close_session 3 +API function. +.Sh RETURN VALUES +The +.Nm +function returns one of the following values: +.Bl -tag -width 18n +.It Bq Er PAM_ABORT +General failure. +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_IGNORE +Ignore this module. +.It Bq Er PAM_PERM_DENIED +Permission denied. +.It Bq Er PAM_SERVICE_ERR +Error in service module. +.It Bq Er PAM_SESSION_ERR +Session failure. +.It Bq Er PAM_SYSTEM_ERR +System error. +.El +.Sh SEE ALSO +.Xr pam 3 , +.Xr pam_close_session 3 , +.Xr pam_strerror 3 +.Sh STANDARDS +.Rs +.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" +.%D "June 1997" +.Re +.Sh AUTHORS +The +.Nm +function and this manual page were developed for the FreeBSD Project +by ThinkSec AS and NAI Labs, the Security Research Division of Network +Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.Pq Dq CBOSS , +as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_sm_open_session.3 b/contrib/openpam/doc/man/pam_sm_open_session.3 new file mode 100644 index 000000000000..507ce5039ff7 --- /dev/null +++ b/contrib/openpam/doc/man/pam_sm_open_session.3 @@ -0,0 +1,94 @@ +.\"- +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. +.\" All rights reserved. +.\" +.\" This software was developed for the FreeBSD Project by ThinkSec AS and +.\" NAI Labs, the Security Research Division of Network Associates, Inc. +.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the +.\" DARPA CHATS research program. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd February 22, 2002 +.Dt PAM_SM_OPEN_SESSION 3 +.Os +.Sh NAME +.Nm pam_sm_open_session +.Nd service module implementation for pam_open_session +.Sh LIBRARY +.Lb libpam +.Sh SYNOPSIS +.In security/pam_appl.h +.In security/pam_modules.h +.Ft int +.Fn pam_sm_open_session "pam_handle_t *pamh" "int flags" "int argc" "const char **argv" +.Sh DESCRIPTION +The +.Nm +function is the service module's +implementation of the +.Xr pam_open_session 3 +API function. +.Sh RETURN VALUES +The +.Nm +function returns one of the following values: +.Bl -tag -width 18n +.It Bq Er PAM_ABORT +General failure. +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_IGNORE +Ignore this module. +.It Bq Er PAM_PERM_DENIED +Permission denied. +.It Bq Er PAM_SERVICE_ERR +Error in service module. +.It Bq Er PAM_SESSION_ERR +Session failure. +.It Bq Er PAM_SYSTEM_ERR +System error. +.El +.Sh SEE ALSO +.Xr pam 3 , +.Xr pam_open_session 3 , +.Xr pam_strerror 3 +.Sh STANDARDS +.Rs +.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" +.%D "June 1997" +.Re +.Sh AUTHORS +The +.Nm +function and this manual page were developed for the FreeBSD Project +by ThinkSec AS and NAI Labs, the Security Research Division of Network +Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.Pq Dq CBOSS , +as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_sm_setcred.3 b/contrib/openpam/doc/man/pam_sm_setcred.3 new file mode 100644 index 000000000000..9cd4650aa8ab --- /dev/null +++ b/contrib/openpam/doc/man/pam_sm_setcred.3 @@ -0,0 +1,100 @@ +.\"- +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. +.\" All rights reserved. +.\" +.\" This software was developed for the FreeBSD Project by ThinkSec AS and +.\" NAI Labs, the Security Research Division of Network Associates, Inc. +.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the +.\" DARPA CHATS research program. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd February 22, 2002 +.Dt PAM_SM_SETCRED 3 +.Os +.Sh NAME +.Nm pam_sm_setcred +.Nd service module implementation for pam_setcred +.Sh LIBRARY +.Lb libpam +.Sh SYNOPSIS +.In security/pam_appl.h +.In security/pam_modules.h +.Ft int +.Fn pam_sm_setcred "pam_handle_t *pamh" "int flags" "int argc" "const char **argv" +.Sh DESCRIPTION +The +.Nm +function is the service module's implementation of +the +.Xr pam_setcred 3 +API function. +.Sh RETURN VALUES +The +.Nm +function returns one of the following values: +.Bl -tag -width 18n +.It Bq Er PAM_ABORT +General failure. +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_CRED_ERR +Failed to set user credentials. +.It Bq Er PAM_CRED_EXPIRED +User credentials have expired. +.It Bq Er PAM_CRED_UNAVAIL +Failed to retrieve user credentials. +.It Bq Er PAM_IGNORE +Ignore this module. +.It Bq Er PAM_PERM_DENIED +Permission denied. +.It Bq Er PAM_SERVICE_ERR +Error in service module. +.It Bq Er PAM_SYSTEM_ERR +System error. +.It Bq Er PAM_USER_UNKNOWN +Unknown user. +.El +.Sh SEE ALSO +.Xr pam 3 , +.Xr pam_setcred 3 , +.Xr pam_strerror 3 +.Sh STANDARDS +.Rs +.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" +.%D "June 1997" +.Re +.Sh AUTHORS +The +.Nm +function and this manual page were developed for the FreeBSD Project +by ThinkSec AS and NAI Labs, the Security Research Division of Network +Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.Pq Dq CBOSS , +as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_start.3 b/contrib/openpam/doc/man/pam_start.3 index 3eb5212e94e1..74a230603708 100644 --- a/contrib/openpam/doc/man/pam_start.3 +++ b/contrib/openpam/doc/man/pam_start.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_START 3 .Os .Sh NAME @@ -48,16 +48,54 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function creates and initializes a PAM context. +.Pp +The +.Va service +argument specifies the name of the policy to apply, and is +stored in the +.Dv PAM_SERVICE +item in the created context. +.Pp +The +.Va user +argument specifies the name of the target user - the user the +created context will serve to authenticate. +It is stored in the +.Dv PAM_USER +item in the created context. +.Pp +The +.Va pam_conv +argument points to a +.Vt struct pam_conv +describing the +conversation function to use. +This structure is defined as follows: +.Pp +.Bd -literal + struct pam_conv { + int (*conv)(int, const struct pam_message **, + struct pam_response **, void *); + void *appdata_ptr; + }; + .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO -.Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam 3 , +.Xr pam_end 3 , +.Xr pam_get_item 3 , +.Xr pam_set_item 3 , +.Xr pam_strerror 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" diff --git a/contrib/openpam/doc/man/pam_strerror.3 b/contrib/openpam/doc/man/pam_strerror.3 index 55e1e82f0c03..74445fd5813b 100644 --- a/contrib/openpam/doc/man/pam_strerror.3 +++ b/contrib/openpam/doc/man/pam_strerror.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_STRERROR 3 .Os .Sh NAME @@ -48,15 +48,19 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function returns a pointer to a string containing a +textual description of the error indicated by the +.Va error_number +argument, in the context of the PAM transaction described by the +.Va pamh +argument. .Sh RETURN VALUES The -.Fn -function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING -.El +.Nm +function returns +.Dv NULL +on failure. .Sh SEE ALSO -.Xr pam_strerror 3 , .Xr pam 3 .Sh STANDARDS .Rs diff --git a/contrib/openpam/doc/man/pam_verror.3 b/contrib/openpam/doc/man/pam_verror.3 index eb74d4db9863..6b0b791f6c80 100644 --- a/contrib/openpam/doc/man/pam_verror.3 +++ b/contrib/openpam/doc/man/pam_verror.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_VERROR 3 .Os .Sh NAME @@ -48,21 +48,37 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function passes its arguments to +.Xr pam_vprompt 3 +with a +.Xr style 3 +argument of +.Dv PAM_ERROR_MSG , +and discards the response. +.Pp .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO +.Xr 3 , +.Xr pam 3 , +.Xr pam_error 3 , .Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam_vinfo 3 , +.Xr pam_vprompt 3 .Sh STANDARDS -.Rs -.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" -.%D "June 1997" -.Re +The +.Nm +function is an OpenPAM extension. .Sh AUTHORS The .Nm diff --git a/contrib/openpam/doc/man/pam_vinfo.3 b/contrib/openpam/doc/man/pam_vinfo.3 index bbd7efbc5bca..7a5a61db4123 100644 --- a/contrib/openpam/doc/man/pam_vinfo.3 +++ b/contrib/openpam/doc/man/pam_vinfo.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_VINFO 3 .Os .Sh NAME @@ -48,21 +48,37 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function passes its arguments to +.Xr pam_vprompt 3 +with a +.Xr style 3 +argument of +.Dv PAM_TEXT_INFO , +and discards the response. +.Pp .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO +.Xr 3 , +.Xr pam 3 , +.Xr pam_info 3 , .Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam_verror 3 , +.Xr pam_vprompt 3 .Sh STANDARDS -.Rs -.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" -.%D "June 1997" -.Re +The +.Nm +function is an OpenPAM extension. .Sh AUTHORS The .Nm diff --git a/contrib/openpam/doc/man/pam_vprompt.3 b/contrib/openpam/doc/man/pam_vprompt.3 index e6e29a37fdb7..1f6e59a5e92e 100644 --- a/contrib/openpam/doc/man/pam_vprompt.3 +++ b/contrib/openpam/doc/man/pam_vprompt.3 @@ -33,7 +33,7 @@ .\" .\" $Id$ .\" -.Dd February 9, 2002 +.Dd February 22, 2002 .Dt PAM_VPROMPT 3 .Os .Sh NAME @@ -48,21 +48,71 @@ .Sh DESCRIPTION The .Nm -function is not yet documented. +function constructs a string from the +.Va fmt +and +.Va ap +arguments using +.Xr vsnprintf 3 , +and passes it to the given PAM context's +conversation function. +.Pp +The +.Va style +argument specifies the type of interaction requested, and +must be one of the following: +.Bl -tag -width 18n +.It Dv PAM_PROMPT_ECHO_OFF +Display the message and obtain the user's response without +displaying it. +.It Dv PAM_PROMPT_ECHO_ON +Display the message and obtain the user's response. +.It Dv PAM_ERROR_MSG +Display the message as an error message, and do not wait +for a response. +.It Dv PAM_TEXT_INFO +Display the message as an informational message, and do +not wait for a response. +.El +A pointer to the response, or +.Dv NULL +if the conversation function did +not return one, is stored in the location pointed to by the +.Va resp +argument. +.Pp +The message and response should not exceed +.Dv PAM_MAX_MSG_SIZE +or +.Dv PAM_MAX_RESP_SIZE , +respectively. +If they do, they may be truncated. +.Pp .Sh RETURN VALUES The -.Fn +.Nm function returns one of the following values: -.Bl -tag -width PAM_AUTHTOK_DISABLE_AGING +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_SYSTEM_ERR +System error. .El .Sh SEE ALSO +.Xr pam 3 , +.Xr pam_error 3 , +.Xr pam_info 3 , +.Xr pam_prompt 3 , .Xr pam_strerror 3 , -.Xr pam 3 +.Xr pam_verror 3 , +.Xr pam_vinfo 3 , +.Xr vsnprintf 3 .Sh STANDARDS -.Rs -.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" -.%D "June 1997" -.Re +The +.Nm +function is an OpenPAM extension. .Sh AUTHORS The .Nm |