2 .\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
3 .\" Copyright (c) 2004-2011 Dag-Erling Smørgrav
4 .\" All rights reserved.
6 .\" This software was developed for the FreeBSD Project by ThinkSec AS and
7 .\" Network Associates Laboratories, the Security Research Division of
8 .\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
9 .\" ("CBOSS"), as part of the DARPA CHATS research program.
11 .\" Redistribution and use in source and binary forms, with or without
12 .\" modification, are permitted provided that the following conditions
14 .\" 1. Redistributions of source code must retain the above copyright
15 .\" notice, this list of conditions and the following disclaimer.
16 .\" 2. Redistributions in binary form must reproduce the above copyright
17 .\" notice, this list of conditions and the following disclaimer in the
18 .\" documentation and/or other materials provided with the distribution.
19 .\" 3. The name of the author may not be used to endorse or promote
20 .\" products derived from this software without specific prior written
23 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
42 .Nd perform password related functions within the PAM framework
47 .In security/pam_appl.h
49 .Fn pam_chauthtok "pam_handle_t *pamh" "int flags"
53 function attempts to change the authentication token
54 for the user associated with the pam context specified by the
60 argument is the binary or of zero or more of the following
64 Do not emit any messages.
65 .It Dv PAM_CHANGE_EXPIRED_AUTHTOK
66 Change only those authentication tokens that have expired.
69 If any other bits are set,
76 function returns one of the following values:
80 .It Bq Er PAM_AUTHTOK_DISABLE_AGING
81 Authentication token aging disabled.
82 .It Bq Er PAM_AUTHTOK_ERR
83 Authentication token failure.
84 .It Bq Er PAM_AUTHTOK_LOCK_BUSY
85 Authentication token lock busy.
86 .It Bq Er PAM_AUTHTOK_RECOVERY_ERR
87 Failed to recover old authentication token.
90 .It Bq Er PAM_CONV_ERR
92 .It Bq Er PAM_PERM_DENIED
94 .It Bq Er PAM_SERVICE_ERR
95 Error in service module.
96 .It Bq Er PAM_SYMBOL_ERR
98 .It Bq Er PAM_SYSTEM_ERR
100 .It Bq Er PAM_TRY_AGAIN
108 .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules"
114 function and this manual page were
117 Project by ThinkSec AS and Network Associates Laboratories, the
118 Security Research Division of Network Associates, Inc.\& under
119 DARPA/SPAWAR contract N66001-01-C-8035
121 as part of the DARPA CHATS research program.