DragonFly On-Line Manual Pages
MUNGE(1) MUNGE Uid 'N' Gid Emporium MUNGE(1)
NAME
munge - MUNGE credential encoder
SYNOPSIS
munge [OPTION]...
DESCRIPTION
The munge program creates an MUNGE credential containing the UID and
GID of the calling process. Additional payload data can be
encapsulated in as well. The returned credential can be passed to
another process which can validate its contents (e.g., via the unmunge
program). This allows an unrelated and potentially remote process to
ascertain the identity of the calling process.
By default, payload input is read from stdin and the credential is
written to stdout.
OPTIONS
-h, --help
Display a summary of the command-line options.
-L, --license
Display license information.
-V, --version
Display version information.
-n, --no-input
Discard all input for the payload.
-s, --string string
Input payload from the specified string.
-i, --input file
Input payload from the specified file.
-o, --output file
Output the credential to the specified file.
-c, --cipher string
Specify the cipher type, either by name or number.
-C, --list-ciphers
Display a list of supported cipher types.
-m, --mac string
Specify the MAC type, either by name or number.
-M, --list-macs
Display a list of supported MAC types.
-z, --zip string
Specify the compression type, either by name or number.
-Z, --list-zips
Display a list of supported compression types.
-u, --restrict-uid uid
Specify the user name or UID allowed to decode the credential.
This will be matched against the effective user ID of the
process requesting the credential decode.
-U, --uid uid
Specify the user name or UID under which to request the
credential. This requires root privileges or the CAP_SETUID
capability.
-g, --restrict-gid gid
Specify the group name or GID allowed to decode the credential.
This will be matched against the effective group ID of the
process requesting the credential decode, as well as each
supplementary group of which the effective user ID of that
process is a member.
-G, --gid gid
Specify the group name or GID under which to request the
credential. This requires root privileges or the CAP_SETGID
capability.
-t, --ttl integer
Specify the time-to-live (in seconds). This controls how long
the credential is valid once it has been encoded. A value of 0
selects the default TTL. A value of -1 selects the maximum
allowed TTL.
-S, --socket path
Specify the local domain socket for connecting with munged.
EXIT STATUS
The munge program returns a zero exit code when the credential is
successfully created and returned. On error, it prints an error
message to stderr and returns a non-zero exit code.
AUTHOR
Chris Dunlap <cdunlap@llnl.gov>
COPYRIGHT
Copyright (C) 2007-2013 Lawrence Livermore National Security, LLC.
Copyright (C) 2002-2007 The Regents of the University of California.
MUNGE is free software: you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation, either version 3 of the License, or (at your
option) any later version.
Additionally for the MUNGE library (libmunge), you can redistribute it
and/or modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation, either version 3
of the License, or (at your option) any later version.
SEE ALSO
remunge(1), unmunge(1), munge(3), munge_ctx(3), munge_enum(3),
munge(7), munged(8).
https://munge.googlecode.com/
munge-0.5.11 2013-08-27 MUNGE(1)