Options for running as non root on UNIX and Linux systems describes two options that are used in conjunction with each other to run IP server as a server or as a service, as non root. These two options are only available on UNIX and Linux systems. These options are available for sm_server.
| Options |
Descripiton |
|---|---|
| --privopen=<arg>[,<arg>] |
Note:
This option is only used in conjuction with the --run-as-user option to run as non root. Opens privileged sockets. The <arg> parameter has the following syntax: <type>[:<family>]:<port>[,<count>] where:
|
| --run-as-user=<username> |
Note:
This option is only used in conjuction with the --privopen option to run as non root. Specifies a valid user name. |
The --privopen and --run-as-user options are used in conjunction to run a Domain Manager with non root privileges. The Domain Manager can startup as root, open privileged ports, and change to a non root user. You can open multiple ports by repeating the <arg> parameter. Each instance is separated by a comma (,). For example:
--privopen=UDP:v4:161,#2 --privopen=IP:1,#4 --privopen=IP:v6:58 --run-as-user=testuser1
In this example:
-
The first privopen line opens two UDP IPv4 sockets on port 161.
-
The second privopen line opens four raw IPv4 sockets for ICMP.
-
The third privopen line opens one raw IPv6: socket for ICMP.
After the sockets are opened, the process will change to run as user, "testuser1".
Note:The following privileged port is required by the sm_server:
port 162 (to listen to incoming traps).
