The Linux-PAM Application Developers' Guide

Table of Contents

1. Introduction

1.1. Description

1.2. Synopsis

2. Overview

3. The public interface to Linux-PAM

3.1. What can be expected by the application

3.1.1. Initialization of PAM transaction

3.1.2. Termination of PAM transaction

3.1.3. Setting PAM items

3.1.4. Getting PAM items

3.1.5. Strings describing PAM error codes

3.1.6. Request a delay on failure

3.1.7. Authenticating the user

3.1.8. Setting user credentials

3.1.9. Account validation management

3.1.10. Updating authentication tokens

3.1.11. Start PAM session management

3.1.12. terminating PAM session management

3.1.13. Set or change PAM environment variable

3.1.14. Get a PAM environment variable

3.1.15. Getting the PAM environment

3.2. What is expected of an application

3.2.1. The conversation function

3.3. Programming notes

4. Security issues of Linux-PAM

4.1. Care about standard library calls

4.2. Choice of a service name

4.3. The conversation function

4.4. The identity of the user

4.5. Sufficient resources

5. A library of miscellaneous helper functions

5.1. Functions supplied

5.1.1. Text based conversation function

5.1.2. Transcribing an environment to that of PAM

5.1.3. Liberating a locally saved environment

5.1.4. BSD like PAM environment variable setting

6. Porting legacy applications

7. Glossary of PAM related terms

8. An example application

9. Files

10. See also

11. Author/acknowledgments

12. Copyright information for this document