Options to run as non-root on Linux systems

This topic lists the options that are used in conjunction with each other to run as non-root user. These two options are only available on Linux systems. These options are available for the and commands.

Options used to run as not-root user

The --privopen and --run-as-user options are used in conjunction to run a Domain Manager with non root privileges. The Domain Manager can startup as root, open privileged ports, and change to a non root user.

Table 1. Additional options for running as non-root on Linux systems
Options	Description
`--privopen=<arg>[,<arg>]`	This option is only used in conjunction with the --run-as-user option to run as non root. Opens privileged sockets. The `<arg>` parameter has the following syntax: `<type>[:<family>]:<port>[,#<count>]` where: `<type>` is one of the following: TCP (for a TCP connection) UDP (for a datagram) IP (for a raw socket) `<family>` is one of the following: :v4 (IPv4 address family) :v6 (IPv6 address family) If `<family>` is not specified, the address family defaults to IPv4. `<port>` is one of the following: The required privileged port for a TCP socket The required privileged port for a UDP socket The protocol for IP `<count>` is the number of sockets of the type, family and port. The default count is 1.
`--run-as-user=<username>`	Note: This option is only used in conjunction with the --privopen option to run as non-root user. Specifies a valid user name.

Opening multiple ports by repeating the <arg> parameter. Each instance is separated by a comma (,).

--privopen=UDP:v4:161,#2

--privopen=IP:1,#6

--privopen=IP:v6:58,#6

--run-as-user=testuser1

In this example:

The first privopen line opens two UDP IPv4 sockets on port 161.
The second privopen line opens six raw IPv4 sockets for ICMP.
The third privopen line opens six raw IPv6 sockets for ICMPv6.

After the sockets are opened, the process will change to run as user, “testuser1.”