* Backend daemon drops privileges after initialization (to not run as root)

* New config option `CLICON_USER` with default value `clicon`
  * Can also be set with `-U <user>` clixon_backend command-line option

yang/clixon/Makefile.in

@@ -41,7 +41,7 @@ datarootdir     = @datarootdir@
 # See also STD_YANG_INSTALLDIR for the standard yang files
 YANG_INSTALLDIR   = @YANG_INSTALLDIR@
 
-YANGSPECS	 = clixon-config@2019-06-05.yang
+YANGSPECS	 = clixon-config@2019-09-11.yang
 YANGSPECS	+= clixon-lib@2019-08-13.yang
 YANGSPECS	+= clixon-rfc5277@2008-07-01.yang
 YANGSPECS	+= clixon-xml-changelog@2019-03-21.yang

yang/clixon/clixon-config@2019-09-11.yang

@@ -39,6 +39,10 @@ module clixon-config {
 
        ***** END LICENSE BLOCK *****";
 
+    revision 2019-09-11 {
+	description
+	    "Added: CLICON_USER: user that backend daemon drops privileges to";
+
     revision 2019-06-05 {
 	description
 	    "Added: CLICON_YANG_REGEXP, CLICON_CLI_TAB_MODE, 
@@ -415,7 +419,15 @@ module clixon-config {
 	leaf CLICON_SOCK_GROUP {
 	    type string;
 	    default "clicon";
-	    description "Group membership to access clixon_backend unix socket";
+	    description
+		"Group membership to access clixon_backend unix socket and gid for 
+                 deamon";
+	}
+	leaf CLICON_USER {
+	    type string;
+	    default "clicon";
+	    description 
+		"User to access clixon_backend unix socket and uid for deamon";
 	}
 	leaf CLICON_BACKEND_PIDFILE {
 	    type string;