Running the Robot as a non-root or non-admin user

Document ID : KB000010582
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

This article will describe how to install and run a robot using a non-root user account. 

 

 

Please note that this is not a supported configuration. The UIM Support team cannot assist in troubleshooting issues with non-root robots.

Keep in mind that in order to log and address any defect or otherwise for a probe, the problem must first be reproduced running the probe as root.

Environment:
This is general information and applies to most version of UIM.
Instructions:

UNIX/Linux:

The non-root user must have sufficient rights to:

  • access the kernel for statistics (CDM)
  • kill processes (processes)
  • create raw sockets (net_connect, net_ probes).
  • make system calls (probes)

The installation should be done as root user, as scripts needs to be installed in /etc/init.d for launching the service automatically.

How to run NimBUS as a non-root/non-administrative user:

Stop NimBUS:
# /etc/init.d/nimbus stop

Change owner to user 'nimbus':
# cd /opt/nimbus
# find . -exec chown nimbus {} \;

Set UID for the nimbus-process:
# cd bin
# chmod 4755 nimbus

Start NimBUS:
# /etc/init.d/nimbus start



Windows:

Similar to UNIX/Linux you are able to install the robot with a non-admin user. 

 

 

Running Probes

To test viability for your own purposes, you need to work out exactly what you need to monitor and on which probes and then remove the rights and see which metrics fail. Some probes don't need as many rights, but others need to make system calls so it can be trial and error. Keep in mind that the product is not static and new changes may affect the results.

Running on reduced rights will often work better with a very 'static' basic monitoring requirement. 

Additional Information:

On Linux, the installation works but the only problem is setting up the automatic startup of the Robot. That HAS to be done as root as it modifies files in /etc/init.d and cannot be done by a regular user.

Note that when running the inst_init.sh script as root you will need to modify the ownership of the files to get the robot to run as a non-root user.