SYNOPSIS

unmunge [OPTION]...

DESCRIPTION

The unmunge program validates a MUNGE credential (e.g., one created by the munge program).

By default, the credential is read from stdin and the metadata and payload are written to stdout. When the metadata and payload are written to the same stream, they are separated by a blank line.

OPTIONS

-h, --help

Display a summary of the command-line options.

-L, --license

Display license information.

-V, --version

Display version information.

-i, --input file

Input the credential from the specified file.

-n, --no-output

Discard all output.

-m, --metadata file

Output metadata to the specified file.

-o, --output file

Output the payload to the specified file.

-k, --keys string

Specify a subset of metadata keys to output. The keys are case-insensitive and delimited by whitespace, commas, semicolons, or periods -- as long as the string is treated as a single argument by the shell (e.g., enclosed by quotes). If a subset is not specified, all available keys are selected by default.

-K, --list-keys

Display a list of metadata keys.

-S, --socket path

Specify the local domain socket for connecting with munged.

METADATA KEYS

The following metadata keys are supported.

STATUS

The status of the credential decode operation.

ENCODE_HOST

The address of the host on which the credential was encoded.

ENCODE_TIME

The time at which the credential was encoded (according to the local clock of the host that encoded it).

DECODE_TIME

The time at which the credential was decoded (according to the local clock of the host that decoded it).

TTL

The time-to-live value (in seconds) placed within the credential.

CIPHER

The cipher type used to encode the credential.

MAC

The MAC type used to encode the credential.

ZIP

The compression type used to encode the credential.

UID

The user ID of the process that encoded the credential.

GID

The group ID of the process that encoded the credential.

UID_RESTRICTION

The user ID restriction placed within the credential.

GID_RESTRICTION

The group ID restriction placed within the credential.

LENGTH

The length (in bytes) of the payload.

EXIT STATUS

The unmunge program returns an exit code corresponding to the return code of munge_decode(). On success, it returns a zero exit code which signifies the credential is valid. On error, it prints an error message to stderr and returns a non-zero exit code.

AUTHOR

Chris Dunlap <[email protected]>

COPYRIGHT

Copyright (C) 2007-2013 Lawrence Livermore National Security, LLC.

Copyright (C) 2002-2007 The Regents of the University of California.

MUNGE is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

Additionally for the MUNGE library (libmunge), you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

RELATED TO unmunge…