Options to run as non-root on Linux systems

This topic lists the options that are used in conjunction with each other to run as non-root user. These two options are only available on Linux systems. These options are available for the and commands.

Options used to run as not-root user

The
--privopen
and
--run-as-user
options are used in conjunction to run a
Domain Manager
with non root privileges. The
Domain Manager
can startup as root, open privileged ports, and change to a non root user.
Additional options for running as non-root on Linux systems
Options
Description
--privopen=<arg>[,<arg>]
This option is only used in conjunction with the
--run-as-user
option to run as non root.
Opens privileged sockets. The
<arg>
parameter has the following syntax:
<type>[:<family>]:<port>[,#<count>]
where:
  • <type>
    is one of the following:
    • TCP (for a TCP connection)
    • UDP (for a datagram)
    • IP (for a raw socket)
  • <family>
    is one of the following:
    • :v4 (IPv4 address family)
    • :v6 (IPv6 address family)
If
<family>
is not specified, the address family defaults to IPv4.
  • <port>
    is one of the following:
    • The required privileged port for a TCP socket
    • The required privileged port for a UDP socket
    • The protocol for IP
  • <count>
    is the number of sockets of the type, family and port. The default count is 1.
--run-as-user=<username>
This option is only used in conjunction with the
--privopen
option to run as non-root user.
Specifies a valid user name.
Opening multiple ports by repeating the <arg> parameter. Each instance is separated by a comma (,).
--privopen=UDP:v4:161,#2
--privopen=IP:1,#6
--privopen=IP:v6:58,#6
--run-as-user=testuser1
In this example:
  • The first
    privopen
    line opens two UDP IPv4 sockets on port 161.
  • The second
    privopen
    line opens six raw IPv4 sockets for ICMP.
  • The third
    privopen
    line opens six raw IPv6 sockets for ICMPv6.
After the sockets are opened, the process will change to run as user, “testuser1.”