munge
munge copied to clipboard
dun
MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for creating and validating user credentials.
The [credential format v3](../wiki/Credential-Format/bd4866833e6b2c702690151568f04bd077d1b9c8) is not extensible. Supporting planned new features will require a new credential format. This format should be extensible to accommodate new features and functionality without having...
In #101, @avatar-lavventura [noted](https://github.com/dun/munge/issues/101#issuecomment-1166311313) a bug where `SIGHUP` was not being ignored when `munged` was run with `-F, --foreground`.
Add support for systemd socket activation. This would allow `munged` to be restarted without potentially dropping any incoming requests during that time. It would also allow for the initial phase...
**What new or enhanced feature are you proposing?** IPv6 support. **What goal would this enhancement help you achieve?** This would allow an IPv6 address for the credential origin to be...
When running munched with something like supervisord it would be useful if running with -F option would still tag the log with timestamps, as logging into a file does. Would...
Embed the SELinux security context into the credential metadata. This will benefit resource managers (e.g., [Flux](https://github.com/flux-framework/flux-security/issues/95) and [Slurm](https://bugs.schedmd.com/show_bug.cgi?id=7133)) that want to confine jobs to a specific SELinux context. The goal...
**What new or enhanced feature are you proposing?** Support for transitioning to a new key. **What goal would this enhancement help you achieve?** Each munged currently supports a single cryptographic...
Allow for `libmunge` calls to be made asynchronously. When these calls are made in an event loop, the process making the call is blocked while waiting for a response and...
Add support for a single `munged` instance to manage multiple keys, each for a different *security realm*. This would remove the need to run multiple `munged` processes concurrently, each bound...
MUNGE clients perform a single request per connection to the daemon. This results in an increased request latency if a client needs to perform many such requests (e.g., bulk submit),...