This topic lists the options that are used in conjunction with each other to run as non-root user. These two options are only available on Linux systems. These options are available for the and commands.

Options used to run as not-root user

The --privopen and --run-as-user options are used in conjunction to run a Domain Manager with non root privileges. The Domain Manager can startup as root, open privileged ports, and change to a non root user.

Table 1. Additional options for running as non-root on Linux systems
Options Description
--privopen=<arg>[,<arg>] This option is only used in conjunction with the --run-as-user option to run as non root.

Opens privileged sockets. The <arg> parameter has the following syntax:

<type>[:<family>]:<port>[,#<count>]

where:

  • <type> is one of the following:
    • TCP (for a TCP connection)
    • UDP (for a datagram)
    • IP (for a raw socket)
  • <family> is one of the following:
    • :v4 (IPv4 address family)
    • :v6 (IPv6 address family)

If <family> is not specified, the address family defaults to IPv4.

  • <port> is one of the following:
    • The required privileged port for a TCP socket
    • The required privileged port for a UDP socket
    • The protocol for IP
  • <count> is the number of sockets of the type, family and port. The default count is 1.

--run-as-user=<username>
Note: This option is only used in conjunction with the --privopen option to run as non-root user.

Specifies a valid user name.

Opening multiple ports by repeating the <arg> parameter. Each instance is separated by a comma (,).

--privopen=UDP:v4:161,#2

--privopen=IP:1,#6

--privopen=IP:v6:58,#6

--run-as-user=testuser1

In this example:

  • The first privopen line opens two UDP IPv4 sockets on port 161.
  • The second privopen line opens six raw IPv4 sockets for ICMP.
  • The third privopen line opens six raw IPv6 sockets for ICMPv6.

After the sockets are opened, the process will change to run as user, “testuser1.”