|PAM_AUTHTOK_GET(5)||Standards, Environments, and Macros||PAM_AUTHTOK_GET(5)|
In the first (PRELIM) invocation, the implementation of pam_sm_chauthtok(3PAM) moves the contents of the PAM_AUTHTOK (current authentication token) to PAM_OLDAUTHTOK, and subsequently prompts the user for a new password. This new password is stored in PAM_AUTHTOK.
If a previous module has set PAM_OLDAUTHTOK prior to the invocation of pam_authtok_get, this module turns into a NO-OP and immediately returns PAM_SUCCESS.
In the second (UPDATE) invocation, the user is prompted to Re-enter his password. The pam_sm_chauthtok implementation verifies this reentered password with the password stored in PAM_AUTHTOK. If the passwords match, the module returns PAM_SUCCESS.
The following option can be passed to the module:
The password management service returns the following error codes:
|ATTRIBUTE TYPE||ATTRIBUTE VALUE|
|MT Level||MT-Safe with exceptions|
The pam_unix(5) module is no longer supported. Similar functionality is provided by pam_authtok_check(5), pam_authtok_get(5), pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5), pam_unix_account(5), pam_unix_auth(5), and pam_unix_session(5).
|April 9, 2016||OmniOS|