summaryrefslogtreecommitdiffstats
path: root/doc/man/pam_start.3
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--doc/man/pam_start.3117
-rw-r--r--doc/man/pam_start.3.xml167
2 files changed, 284 insertions, 0 deletions
diff --git a/doc/man/pam_start.3 b/doc/man/pam_start.3
new file mode 100644
index 0000000..35ba148
--- /dev/null
+++ b/doc/man/pam_start.3
@@ -0,0 +1,117 @@
+'\" t
+.\" Title: pam_start
+.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
+.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
+.\" Date: 09/03/2021
+.\" Manual: Linux-PAM Manual
+.\" Source: Linux-PAM Manual
+.\" Language: English
+.\"
+.TH "PAM_START" "3" "09/03/2021" "Linux-PAM Manual" "Linux-PAM Manual"
+.\" -----------------------------------------------------------------
+.\" * Define some portability stuff
+.\" -----------------------------------------------------------------
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" http://bugs.debian.org/507673
+.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.ie \n(.g .ds Aq \(aq
+.el .ds Aq '
+.\" -----------------------------------------------------------------
+.\" * set default formatting
+.\" -----------------------------------------------------------------
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.\" -----------------------------------------------------------------
+.\" * MAIN CONTENT STARTS HERE *
+.\" -----------------------------------------------------------------
+.SH "NAME"
+pam_start, pam_start_confdir \- initialization of PAM transaction
+.SH "SYNOPSIS"
+.sp
+.ft B
+.nf
+#include <security/pam_appl\&.h>
+.fi
+.ft
+.HP \w'int\ pam_start('u
+.BI "int pam_start(const\ char\ *" "service_name" ", const\ char\ *" "user" ", const\ struct\ pam_conv\ *" "pam_conversation" ", pam_handle_t\ **" "pamh" ");"
+.HP \w'int\ pam_start_confdir('u
+.BI "int pam_start_confdir(const\ char\ *" "service_name" ", const\ char\ *" "user" ", const\ struct\ pam_conv\ *" "pam_conversation" ", const\ char\ *" "confdir" ", pam_handle_t\ **" "pamh" ");"
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_start\fR
+function creates the PAM context and initiates the PAM transaction\&. It is the first of the PAM functions that needs to be called by an application\&. The transaction state is contained entirely within the structure identified by this handle, so it is possible to have multiple transactions in parallel\&. But it is not possible to use the same handle for different transactions, a new one is needed for every new context\&.
+.PP
+The
+\fIservice_name\fR
+argument specifies the name of the service to apply and will be stored as PAM_SERVICE item in the new context\&. The policy for the service will be read from the file
+/etc/pam\&.d/service_name
+or, if that file does not exist, from
+/etc/pam\&.conf\&.
+.PP
+The
+\fIuser\fR
+argument can specify the name of the target user and will be stored as PAM_USER item\&. If the argument is NULL, the module has to ask for this item if necessary\&.
+.PP
+The
+\fIpam_conversation\fR
+argument points to a
+\fIstruct pam_conv\fR
+describing the conversation function to use\&. An application must provide this for direct communication between a loaded module and the application\&.
+.PP
+Following a successful return (PAM_SUCCESS) the contents of
+\fIpamh\fR
+is a handle that contains the PAM context for successive calls to the PAM functions\&. In an error case is the content of
+\fIpamh\fR
+undefined\&.
+.PP
+The
+\fIpam_handle_t\fR
+is a blind structure and the application should not attempt to probe it directly for information\&. Instead the PAM library provides the functions
+\fBpam_set_item\fR(3)
+and
+\fBpam_get_item\fR(3)\&. The PAM handle cannot be used for multiple authentications at the same time as long as
+\fBpam_end\fR
+was not called on it before\&.
+.PP
+The
+\fBpam_start_confdir\fR
+function behaves like the
+\fBpam_start\fR
+function but it also allows setting
+\fIconfdir\fR
+argument with a path to a directory to override the default (/etc/pam\&.d) path for service policy files\&. If the
+\fIconfdir\fR
+is NULL, the function works exactly the same as
+\fBpam_start\fR\&.
+.SH "RETURN VALUES"
+.PP
+PAM_ABORT
+.RS 4
+General failure\&.
+.RE
+.PP
+PAM_BUF_ERR
+.RS 4
+Memory buffer error\&.
+.RE
+.PP
+PAM_SUCCESS
+.RS 4
+Transaction was successfully started\&.
+.RE
+.PP
+PAM_SYSTEM_ERR
+.RS 4
+System error, for example a NULL pointer was submitted instead of a pointer to data\&.
+.RE
+.SH "SEE ALSO"
+.PP
+\fBpam_get_data\fR(3),
+\fBpam_set_data\fR(3),
+\fBpam_end\fR(3),
+\fBpam_strerror\fR(3)
diff --git a/doc/man/pam_start.3.xml b/doc/man/pam_start.3.xml
new file mode 100644
index 0000000..1d544e6
--- /dev/null
+++ b/doc/man/pam_start.3.xml
@@ -0,0 +1,167 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_start'>
+
+ <refmeta>
+ <refentrytitle>pam_start</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_start-name">
+ <refname>pam_start</refname>
+ <refname>pam_start_confdir</refname>
+ <refpurpose>initialization of PAM transaction</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id="pam_start-synopsis">
+ <funcsynopsisinfo>#include &lt;security/pam_appl.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>int <function>pam_start</function></funcdef>
+ <paramdef>const char *<parameter>service_name</parameter></paramdef>
+ <paramdef>const char *<parameter>user</parameter></paramdef>
+ <paramdef>const struct pam_conv *<parameter>pam_conversation</parameter></paramdef>
+ <paramdef>pam_handle_t **<parameter>pamh</parameter></paramdef>
+ </funcprototype>
+ <funcprototype>
+ <funcdef>int <function>pam_start_confdir</function></funcdef>
+ <paramdef>const char *<parameter>service_name</parameter></paramdef>
+ <paramdef>const char *<parameter>user</parameter></paramdef>
+ <paramdef>const struct pam_conv *<parameter>pam_conversation</parameter></paramdef>
+ <paramdef>const char *<parameter>confdir</parameter></paramdef>
+ <paramdef>pam_handle_t **<parameter>pamh</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+
+ <refsect1 id="pam_start-description">
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_start</function> function creates the PAM context
+ and initiates the PAM transaction. It is the first of the PAM
+ functions that needs to be called by an application. The transaction
+ state is contained entirely within the structure identified by this
+ handle, so it is possible to have multiple transactions in parallel.
+ But it is not possible to use the same handle for different
+ transactions, a new one is needed for every new context.
+ </para>
+
+ <para>
+ The <emphasis>service_name</emphasis> argument specifies the name
+ of the service to apply and will be stored as PAM_SERVICE item in
+ the new context. The policy for the service will be read from the
+ file <filename>/etc/pam.d/service_name</filename> or, if that file
+ does not exist, from <filename>/etc/pam.conf</filename>.
+ </para>
+
+ <para>
+ The <emphasis>user</emphasis> argument can specify the name
+ of the target user and will be stored as PAM_USER item. If
+ the argument is NULL, the module has to ask for this item if
+ necessary.
+ </para>
+
+ <para>
+ The <emphasis>pam_conversation</emphasis> argument points to
+ a <emphasis>struct pam_conv</emphasis> describing the
+ conversation function to use. An application must provide this
+ for direct communication between a loaded module and the
+ application.
+ </para>
+
+ <para>
+ Following a successful return (PAM_SUCCESS) the contents of
+ <emphasis>pamh</emphasis> is a handle that contains the PAM
+ context for successive calls to the PAM functions. In an error
+ case is the content of <emphasis>pamh</emphasis> undefined.
+ </para>
+
+ <para>
+ The <emphasis>pam_handle_t</emphasis> is a blind structure and
+ the application should not attempt to probe it directly for
+ information. Instead the PAM library provides the functions
+ <citerefentry>
+ <refentrytitle>pam_set_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> and
+ <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ The PAM handle cannot be used for multiple authentications at the
+ same time as long as <function>pam_end</function> was not called on
+ it before.
+ </para>
+
+ <para>
+ The <function>pam_start_confdir</function> function behaves
+ like the <function>pam_start</function> function but it also
+ allows setting <emphasis>confdir</emphasis> argument with
+ a path to a directory to override the default
+ (<filename>/etc/pam.d</filename>) path for service policy
+ files. If the <emphasis>confdir</emphasis> is NULL, the function
+ works exactly the same as <function>pam_start</function>.
+ </para>
+
+ </refsect1>
+ <refsect1 id="pam_start-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_ABORT</term>
+ <listitem>
+ <para>
+ General failure.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Transaction was successfully started.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ System error, for example a NULL pointer was submitted
+ instead of a pointer to data.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_start-see_also">
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_get_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_set_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_end</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>