Provided by: munge_0.5.10-1_i386 bug

NAME

       munge - MUNGE overview

INTRODUCTION

       MUNGE  (MUNGE  Uid  'N'  Gid Emporium) is an authentication service for
       creating and validating credentials.   It  is  designed  to  be  highly
       scalable for use in an HPC cluster environment.  It allows a process to
       authenticate the UID and GID of another local or remote process  within
       a  group  of  hosts having common users and groups.  These hosts form a
       security realm that is defined by a shared cryptographic key.   Clients
       within  this security realm can create and validate credentials without
       the use  of  root  privileges,  reserved  ports,  or  platform-specific
       methods.

RATIONALE

       The  need for MUNGE arose out of the HPC cluster environment.  Consider
       the scenario in which a local daemon running on a login node receives a
       client  request and forwards it on to remote daemons running on compute
       nodes within the cluster.  Since the user has already logged on to  the
       login   node,   the  local  daemon  just  needs  a  reliable  means  of
       ascertaining the UID and GID of the client process.   Furthermore,  the
       remote  daemons need a mechanism to ensure the forwarded authentication
       data has not been subsequently altered.

       A common solution to this problem is to  use  Unix  domain  sockets  to
       determine  the  identity  of  the  local  client, and then forward this
       information on to remote hosts via trusted rsh connections.   But  this
       presents  several  new  problems.   First, there is no portable API for
       determining the identity  of  a  client  over  a  Unix  domain  socket.
       Second,  rsh  connections  must  originate  from  a  reserved port; the
       limited number of reserved ports available on  a  given  host  directly
       limits  scalability.   Third,  root privileges are required in order to
       bind to a reserved port.  Finally, the remote daemons have no means  of
       determining whether the client identity is authentic.

USAGE

       A  process  creates a credential by requesting one from the local MUNGE
       service, either via the munge_encode() C  library  call  or  the  munge
       executable.   The  encoded  credential  contains the UID and GID of the
       originating process.  This process  sends  the  credential  to  another
       process  within  the security realm as a means of proving its identity.
       The receiving process validates the credential  with  the  use  of  its
       local  MUNGE  service,  either via the munge_decode() C library call or
       the unmunge executable.  The decoded credential provides the  receiving
       process  with  a  reliable means of ascertaining the UID and GID of the
       originating process.  This information can be used  for  accounting  or
       access control decisions.

DETAILS

       The  contents  of  the credential (including any optional payload data)
       are encrypted with a key  shared  by  all  munged  daemons  within  the
       security  realm.   The  integrity  of  the  credential  is ensured by a
       message authentication code (MAC).   The  credential  is  valid  for  a
       limited  time  defined  by its time-to-live (TTL); this presumes clocks
       within a security realm are in sync.  Unexpired credentials are tracked
       by  the  local  munged  daemon  in order to prevent replay attacks on a
       given host.  Decoding of a credential can be restricted to a particular
       user  and/or  group ID.  The payload data can be used for purposes such
       as embedding the destination's address to ensure the credential is only
       valid  on  a  specific  host.  The internal format of the credential is
       encoded in a platform-independent manner.  And the credential itself is
       base64  encoded  to  allow  it  to  be  transmitted  over virtually any
       transport.

AUTHOR

       Chris Dunlap <cdunlap@llnl.gov>

COPYRIGHT

       Copyright (C) 2007-2011 Lawrence Livermore National Security, LLC.
       Copyright (C) 2002-2007 The Regents of the University of California.

       MUNGE is free software: you can redistribute it and/or modify it  under
       the  terms  of  the GNU General Public License as published by the Free
       Software Foundation, either version 3  of  the  License,  or  (at  your
       option) any later version.

       Additionally  for the MUNGE library (libmunge), you can redistribute it
       and/or modify it under the terms  of  the  GNU  Lesser  General  Public
       License  as published by the Free Software Foundation, either version 3
       of the License, or (at your option) any later version.

SEE ALSO

       munge(1),    remunge(1),    unmunge(1),     munge(3),     munge_ctx(3),
       munge_enum(3), munged(8).

       http://munge.googlecode.com/