Running IP server as non root on UNIX and Linux systems
Options for running as non root on UNIX and Linux systems describes two options that are used in conjunction
with each other to run IP server as a server or as a service, as non root. These two options are
only available on UNIX and Linux systems. These options are available for sm_server.
Options | Descripiton |
|---|---|
--privopen=<arg>[,< arg >] | This option is only used in conjuction with the --run-as-user option to run as non root. Opens privileged sockets. The < arg > parameter has the following syntax:<type>[:< family >]:<port >[,<count >]where:
|
--run-as-user=< username > | This option is only used in conjuction with the --privopen option to run as non root. Specifies a valid user name. |
The --privopen and --run-as-user options are used in conjunction to run a Domain Manager with non root privileges. The Domain Manager can startup as root, open privileged ports, and change to a
non root user. You can open multiple ports by repeating the <arg> parameter. Each instance is separated by a comma (,). For example:
--privopen=UDP:v4:161,#2 --privopen=IP:1,#4 --privopen=IP:v6:58 --run-as-user=testuser1
In this example:
- The first privopen line opens two UDP IPv4 sockets on port 161.
- The second privopen line opens four raw IPv4 sockets for ICMP.
- The third privopen line opens one raw IPv6: socket for ICMP.After the sockets are opened, the process will change to run as user, "testuser1".The following privileged port is required by the sm_server:port 162 (to listen to incoming traps).