25 lines
1.0 KiB
Plaintext
25 lines
1.0 KiB
Plaintext
munge (an authentication service)
|
|
|
|
MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for
|
|
creating and validating credentials.
|
|
|
|
It is designed to be highly scalable for use in an HPC cluster
|
|
environment. It allows a process to authenticate the UID and GID of
|
|
another local or remote process within a group of hosts having common
|
|
users and groups. These hosts form a security realm that is defined
|
|
by a shared cryptographic key. Clients within this security realm can
|
|
create and validate credentials without the use of root privileges,
|
|
reserved ports, or platform-specific methods.
|
|
|
|
On most platforms, the munged daemon does not require root privileges to run.
|
|
If possible, you should run the daemon as a non-privileged user.
|
|
This can be specified in the init script /etc/rc.d/rc.munge.
|
|
|
|
# groupadd -g 310 munge
|
|
# useradd -u 310 -d /var/lib/munge -s /bin/false -g munge munge
|
|
|
|
After installation a secret key file needs to be created. Follow instructions
|
|
from:
|
|
|
|
https://github.com/dun/munge/wiki/Installation-Guide#creating-a-secret-key
|