| PAM_AUTHTOK_STORE(7) | Standards, Environments, and Macros | PAM_AUTHTOK_STORE(7) |
pam_authtok_store - password management module
pam_authtok_store.so.1
pam_authtok_store provides functionality to the PAM password management stack. It provides one function: pam_sm_chauthtok().
When invoked with flags set to PAM_UPDATE_AUTHTOK, this module updates the authentication token for the user specified by PAM_USER.
The authentication token PAM_OLDAUTHTOK can be used to authenticate the user against repositories that need updating (NIS, LDAP). After successful updates, the new authentication token stored in PAM_AUTHTOK is the user's valid password.
This module honors the PAM_REPOSITORY item, which, if set, specifies which repository is to be updated. If PAM_REPOSITORY is unset, it follows the nsswitch.conf(5).
The following option can be passed to the module:
debug
server_policy
PAM_SUCCESS
PAM_SYSTEM_ERR
See attributes(7) for descriptions of the following attributes:
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
| Interface Stability | Evolving |
| MT Level | MT-Safe with exceptions |
syslog(3C), libpam(3LIB), pam(3PAM), pam_authenticate(3PAM), pam_chauthtok(3PAM), pam.conf(5), attributes(7), pam_authtok_check(7), pam_authtok_get(7), pam_dhkeys(7), pam_passwd_auth(7), pam_unix_account(7), pam_unix_auth(7), pam_unix_session(7)
The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle.
The pam_unix(7) module is no longer supported. Similar functionality is provided by pam_authtok_check(7), pam_authtok_get(7), pam_authtok_store(7), pam_dhkeys(7), pam_passwd_auth(7), pam_unix_account(7), pam_unix_auth(7), and pam_unix_session(7).
If the PAM_REPOSITORY item_type is set and a service module does not recognize the type, the service module does not process any information, and returns PAM_IGNORE. If the PAM_REPOSITORY item_type is not set, a service module performs its default action.
| January 26, 2004 | OmniOS |