Munge credential decoder
unmunge [OPTION]...
The unmunge program validates a MUNGE credential (e.g., one created by the munge program).
By default, the credential is read from stdin and the metadata and payload are written to stdout. When the metadata and payload are written to the same stream, they are separated by a blank line.
-h, --help
Display a summary of the command-line options.
-L, --license
Display license information.
-V, --version
Display version information.
-i, --input file
Input the credential from the specified file.
-n, --no-output
Discard all output.
-m, --metadata file
Output metadata to the specified file.
-o, --output file
Output the payload to the specified file.
-k, --keys string
Specify a subset of metadata keys to output. The keys are case-insensitive and delimited by whitespace, commas, semicolons, or periods -- as long as the string is treated as a single argument by the shell (e.g., enclosed by quotes). If a subset is not specified, all available keys are selected by default.
-K, --list-keys
Display a list of metadata keys.
-S, --socket path
Specify the local domain socket for connecting with munged.
The following metadata keys are supported.
STATUS
The status of the credential decode operation.
ENCODE_HOST
The address of the host on which the credential was encoded.
ENCODE_TIME
The time at which the credential was encoded (according to the local clock of the host that encoded it).
DECODE_TIME
The time at which the credential was decoded (according to the local clock of the host that decoded it).
TTL
The time-to-live value (in seconds) placed within the credential.
CIPHER
The cipher type used to encode the credential.
MAC
The MAC type used to encode the credential.
ZIP
The compression type used to encode the credential.
UID
The user ID of the process that encoded the credential.
GID
The group ID of the process that encoded the credential.
UID_RESTRICTION
The user ID restriction placed within the credential.
GID_RESTRICTION
The group ID restriction placed within the credential.
LENGTH
The length (in bytes) of the payload.
The unmunge program returns an exit code corresponding to the return code of munge_decode(). On success, it returns a zero exit code which signifies the credential is valid. On error, it prints an error message to stderr and returns a non-zero exit code.
Chris Dunlap <[email protected]>
Copyright (C) 2007-2013 Lawrence Livermore National Security, LLC.
Copyright (C) 2002-2007 The Regents of the University of California.
MUNGE is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
Additionally for the MUNGE library (libmunge), you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
munge(1), remunge(1), munge(3), munge_ctx(3), munge_enum(3), munge(7), munged(8).
https://munge.googlecode.com/