NNMi and the iSPI products should run as non-root users

Idea ID 1641413

NNMi and the iSPI products should run as non-root users

Wherever possible, NNMi and the iSPI products should run as non-root users. We also want to reduce the need for the administrators to need root access to administer and maintain the applications.

https://softwaresupport.softwaregrp.com/km/KM00965235 “Why NNMi(Network Node Manager) requires root access” explains that processes need to start as root to allocate ports below 1024. Might it be possible to use a port translation process similar to NA to avoid the need to allocate these low ports and also have the customer use high ports for the HTTP and HTTPS access?

6 Comments
Micro Focus Expert
Micro Focus Expert
Status changed to: Waiting for Votes
 
Honored Contributor.. Honored Contributor..
Honored Contributor..

By default, iSPIs are not actually binding to ports below 1024 so it is expected that they won't run as root.

Micro Focus Expert
Micro Focus Expert
Status changed to: Under Consideration
 
Contributor.
Contributor.

I cannot Vote for Idea, but I can comment and confirm, that Idea will be userful.

Micro Focus Expert
Micro Focus Expert
Status changed to: Delivered

This idea is delivered as part of the NNMi 2019.11 release for NNMi Premium, i.e., NNMi core, QA & NPS. For more details, please look at the documentation at https://docs.microfocus.com/itom/Network_Node_Manager_i:2019.11/ReleaseNotes#What.27s_new

Honored Contributor.. Honored Contributor..
Honored Contributor..

So it's not completely delivered because most of the iSPIs (MPLS, IPT, MCAST) still cannot run as user different than root?

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.