To be correctly initialized, PAM_SM_SESSION
must be
#define
'd prior to including
<security/pam_modules.h>
. This will ensure that the
prototypes for static modules are properly declared.
The following two functions are defined to handle the initialization/termination of a session. For example, at the beginning of a session the module may wish to log a message with the system regarding the user. Similarly, at the end of the session the module would inform the system that the user's session has ended.
It should be possible for sessions to be opened by one application and
closed by another. This either requires that the module uses only
information obtained from pam_get_item()
, or that information
regarding the session is stored in some way by the operating system
(in a file for example).
PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, int
argc, const char **argv);
This function is called to commence a session. The only valid, but
optional, flag is PAM_SILENT
.
As a return value, PAM_SUCCESS
signals success and
PAM_SESSION_ERR
failure.
PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags, int
argc, const char **argv);
This function is called to terminate a session. The only valid, but
optional, flag is PAM_SILENT
.
As a return value, PAM_SUCCESS
signals success and
PAM_SESSION_ERR
failure.