CADDesignCodeWorkEtcContact
ABCDEFGHIJKLMNOPQRSTUVWXYZ

pam_open_session

PAM_OPEN_SESSION(3)        App. Programmers' Manual        PAM_OPEN_SESSION(3)



NAME
       pam_open/close_session - PAM session management


SYNOPSIS
       #include <security/pam_appl.h>

       int pam_open_session(pam_handle_t *pamh, int  flags);

       int pam_close_session(pam_handle_t *pamh, int  flags);



DESCRIPTION
       PAM provides management-hooks for the initialization and termination of
       a session.


       pam_open_session
              Use this function to signal that an authenticated  user  session
              has  begun.  It should be called only after the user is properly
              identified and (where necessary) has been granted their  creden-
              tials  with pam_authenticate(3) and pam_setcred(3) respectively.

              Some types of functions associated with  session  initialization
              are logging for the purposes of system-audit and mounting direc-
              tories (the user's home directory for example). These should not
              concern  the  application. It should be noted that the effective
              uid, geteuid(2), of the  application  should  be  of  sufficient
              privilege to perform such tasks.


       pam_close_session
              Use  this function to signal that a user session has terminated.
              In general this function may not need to be located in the  same
              application as the initialization function, pam_open_session.

              Typically,  this function will undo the actions of pam_open_ses-
              sion.  That is, log audit information concerning the end of  the
              user  session  or  unmount the user's home directory. Apart from
              having sufficient privilege the details of the session  termina-
              tion should not concern the calling application. It is good pro-
              gramming practice, however, to cease acting  on  behalf  of  the
              user on returning from this call.


RETURN VALUE
       A successful return from the session management functions will be indi-
       cated with PAM_SUCCESS.

       The specific error indicating a failure to open or close a  session  is
       PAM_SESSION_ERR.   In general other return values may be returned. They
       should be treated as indicating failure.


ERRORS
       May be translated to text with pam_strerror(3).


CONFORMING TO
       OSF-RFC 86.0, October 1995.


BUGS
       none known.


SEE ALSO
       pam_start(3),  pam_authenticate(3),  pam_setcred(3),   pam_get_item(3),
       pam_strerror(3) and pam(3).

       Also, see the three Linux-PAM Guides, for System administrators, module
       developers, and application developers.



Linux-PAM 0.55                    1997 Jan 4               PAM_OPEN_SESSION(3)
Copyright © JRX Toronto, Canada. All rights reserved.