18 lines
1020 B
Plaintext
18 lines
1020 B
Plaintext
MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for creating and validating credentials.
|
|
|
|
It is designed to be highly scalable for use in an HPC cluster environment.
|
|
It allows a process to authenticate the UID and GID of another local or remote process
|
|
within a group of hosts having common users and groups. These hosts form a security realm
|
|
that is defined by a shared cryptographic key. Clients within this security realm can create
|
|
and validate credentials without the use of root privileges, reserved ports, or platform-specific methods.
|
|
|
|
On most platforms, the munged daemon does not require root privileges to run.
|
|
If possible, you should run the daemon as a non-privileged user.
|
|
This can be specified in the init script /etc/rc.d/rc.munge.
|
|
|
|
# groupadd -g 310 munge
|
|
# useradd -u 310 -d /var/lib/munge -s /bin/false -g munge munge
|
|
|
|
After installation a secret key file needs to be created. Follow instructions from:
|
|
https://github.com/dun/munge/wiki/Installation-Guide#creating-a-secret-key
|