diff options
| author | Andrew G. Morgan <morgan@kernel.org> | 2001-02-05 06:50:41 +0000 |
|---|---|---|
| committer | Andrew G. Morgan <morgan@kernel.org> | 2001-02-05 06:50:41 +0000 |
| commit | 547e42fc5cb7c0208eeb002809c3d270334af114 (patch) | |
| tree | 8c1653cfb589e3d69c80611c3808a47320cdb2fa /doc/pam_appl.sgml | |
| parent | b89c0d4ccae2f48cfa1e28423e2fe86e1d435ec5 (diff) | |
| download | pam-547e42fc5cb7c0208eeb002809c3d270334af114.tar.gz pam-547e42fc5cb7c0208eeb002809c3d270334af114.tar.bz2 pam-547e42fc5cb7c0208eeb002809c3d270334af114.zip | |
Relevant BUGIDs: 129775
Purpose of commit: bugfix
Commit summary:
---------------
This bugfix leads to backwardly incompatable behavior with earlier
releases of Linux-PAM.
Note, this cleans up the setcred/session and chauthtok stacks in
such a way that it is no longer preferred that the setcred module
always return the same error code as the auth components of said
modules did.
This means behavior should be a great deal more sane. It also gives
meaning to the unique return codes that are available to pam_sm_setcred.
[I'm sure that when we add support for credential relevant events,
this change will be critical.]
Diffstat (limited to 'doc/pam_appl.sgml')
| -rw-r--r-- | doc/pam_appl.sgml | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/doc/pam_appl.sgml b/doc/pam_appl.sgml index b1010203..9149ecd5 100644 --- a/doc/pam_appl.sgml +++ b/doc/pam_appl.sgml @@ -46,7 +46,7 @@ DAMAGE. <title>The Linux-PAM Application Developers' Guide <author>Andrew G. Morgan, <tt>morgan@kernel.org</tt> -<date>DRAFT v0.74 2001/01/21 +<date>DRAFT v0.75 2001/02/04 <abstract> This manual documents what an application developer needs to know about the <bf>Linux-PAM</bf> library. It describes how an application @@ -218,9 +218,9 @@ PAM is also capable of setting and deleting the users credentials with the call <tt>pam_setcred()</tt>. This function should always be called after the user is authenticated and before service is offered to the user. By convention, this should be the last call to the PAM -library before service is given to the user. What exactly a -credential is, is not well defined. However, some examples are given -in the glossary below. +library before the PAM session is opened. What exactly a credential +is, is not well defined. However, some examples are given in the +glossary below. <sect>The public interface to <bf>Linux-PAM</bf> @@ -565,7 +565,7 @@ extern int pam_setcred(pam_handle_t *pamh, int flags); <p> This function is used to set the module-specific credentials of the user. It is usually called after the user has been authenticated, -after the account management function has been called and after a +after the account management function has been called but before a session has been opened for the user. <p> |