1.\"-
2.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
3.\" Copyright (c) 2004-2011 Dag-Erling Smørgrav
4.\" All rights reserved.
5.\"
6.\" This software was developed for the FreeBSD Project by ThinkSec AS and
7.\" Network Associates Laboratories, the Security Research Division of
8.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
9.\" ("CBOSS"), as part of the DARPA CHATS research program.
10.\"
11.\" Redistribution and use in source and binary forms, with or without
12.\" modification, are permitted provided that the following conditions
13.\" are met:
14.\" 1. Redistributions of source code must retain the above copyright
15.\"    notice, this list of conditions and the following disclaimer.
16.\" 2. Redistributions in binary form must reproduce the above copyright
17.\"    notice, this list of conditions and the following disclaimer in the
18.\"    documentation and/or other materials provided with the distribution.
19.\" 3. The name of the author may not be used to endorse or promote
20.\"    products derived from this software without specific prior written
21.\"    permission.
22.\"
23.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33.\" SUCH DAMAGE.
34.\"
35.\" $Id$
36.\"
37.Dd May 26, 2012
38.Dt OPENPAM_BORROW_CRED 3
39.Os
40.Sh NAME
41.Nm openpam_borrow_cred
42.Nd temporarily borrow user credentials
43.Sh LIBRARY
44.Lb libpam
45.Sh SYNOPSIS
46.In sys/types.h
47.In security/pam_appl.h
48.In security/openpam.h
49.Ft "int"
50.Fn openpam_borrow_cred "pam_handle_t *pamh" "const struct passwd *pwd"
51.Sh DESCRIPTION
52The
53.Fn openpam_borrow_cred
54function saves the current credentials and
55switches to those of the user specified by its
56.Fa pwd
57argument.
58The affected credentials are the effective UID, the effective GID, and
59the group access list.
60The original credentials can be restored using
61.Xr openpam_restore_cred 3 .
62.Pp
63.Sh RETURN VALUES
64The
65.Fn openpam_borrow_cred
66function returns one of the following values:
67.Bl -tag -width 18n
68.It Bq Er PAM_BUF_ERR
69Memory buffer error.
70.It Bq Er PAM_PERM_DENIED
71Permission denied.
72.It Bq Er PAM_SYSTEM_ERR
73System error.
74.El
75.Sh SEE ALSO
76.Xr setegid 2 ,
77.Xr seteuid 2 ,
78.Xr setgroups 2 ,
79.Xr openpam_restore_cred 3 ,
80.Xr pam 3 ,
81.Xr pam_strerror 3
82.Sh STANDARDS
83The
84.Fn openpam_borrow_cred
85function is an OpenPAM extension.
86.Sh AUTHORS
87The
88.Fn openpam_borrow_cred
89function and this manual page were
90developed for the
91.Fx
92Project by ThinkSec AS and Network Associates Laboratories, the
93Security Research Division of Network Associates, Inc.\& under
94DARPA/SPAWAR contract N66001-01-C-8035
95.Pq Dq CBOSS ,
96as part of the DARPA CHATS research program.
97