How to Run the Omada SDN Controller on Linux Using a Non-root User Account

Omada Software Controller( V5 )
Recent updates may have expanded access to feature(s) discussed in this FAQ. Visit your product's support page, select the correct hardware version for your device, and check either the Datasheet or the firmware section for the latest improvements added to your product. Please note that product availability varies by region, and certain models may not be available in your region.
Note: This FAQ applies to: Omada SDN Controller V5
The tar.gz version of Omada SDN Controller runs with the root user by default, but you can modify the configuration for it to run it with non-root users accounts. This article will guide you on how to complete this process. Note: The Linux environment used in this article is Debian 11.
1. Install Omada SDN Controller with root.
First, you need to install the Omada SDN Controller with root. For more details, please refer to Chapter 3.2 of How to install Omada SDN controller on Linux system (above Controller 5.0.29).
Once the installation process is complete, the controller will start automatically. Press Ctrl + C to exit the startup or run “tpeap stop” command with root to exit the controller.
2. Modify control.sh file.
Go to the controller’s installation folder (/opt/tplink/EAPController, by default), go to the bin folder and modify the control.sh file with root.
Find the “OMADA_USER”, and change root to the user account you want to use. For example, we change it to tplink.
Then comment out the PID_FILE line and change the PID_FILE to “{OMADA_HOME}/data/{NAME}.pid”.
Find the second “check_root_perms”, and comment it out.
Save the file and exit.
3. Modify the folders’ owner.
Run the chown command with root to change the owner of the data, logs, and work folders to the non-root user you use.
Now you can run Omada SDN Controller with the non-root user.
Note: Upgrading the controller will overwrite the previously modified configuration and change the owner of the work folder. It is recommended to record the modified configuration items, and then modify them after upgrading, don't back up the previous configuration file and directly replace it after upgrading.
Looking for More
Is this faq useful?
Your feedback helps improve this site.
What’s your concern with this article?
- Dissatisfied with product
- Too Complicated
- Confusing Title
- Does not apply to me
- Too Vague
- Other
Thank you
We appreciate your feedback.
Click here to contact TP-Link technical support.
Recommend Products

TP-Link Community
Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.
We have updated our Policies. Read Privacy Policy and Terms of Use here.
This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy .
We have updated our Policies. Read Privacy Policy and Terms of Use here.
This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy .
Basic Cookies
These cookies are necessary for the website to function and cannot be deactivated in your systems.
TP-Link
SESSION, JSESSIONID, accepted_local_switcher, tp_privacy_base, tp_privacy_marketing, tp_smb-select-product_scence, tp_smb-select-product_scenceSimple, tp_smb-select-product_userChoice, tp_smb-select-product_userChoiceSimple, tp_smb-select-product_userInfo, tp_smb-select-product_userInfoSimple, tp_top-banner, tp_popup-bottom, tp_popup-center, tp_popup-right-middle, tp_popup-right-bottom, tp_productCategoryType
Youtube
id, VISITOR_INFO1_LIVE, LOGIN_INFO, SIDCC, SAPISID, APISID, SSID, SID, YSC, __Secure-1PSID, __Secure-1PAPISID, __Secure-1PSIDCC, __Secure-3PSID, __Secure-3PAPISID, __Secure-3PSIDCC, 1P_JAR, AEC, NID, OTZ
Zendesk
OptanonConsent, __cf_bm, __cfruid, _cfuvid, _help_center_session, _pendo___sg__.<container-id>, _pendo_meta.<container-id>, _pendo_visitorId.<container-id>, _zendesk_authenticated, _zendesk_cookie, _zendesk_session, _zendesk_shared_session, ajs_anonymous_id, cf_clearance
Analysis and Marketing Cookies
Analysis cookies enable us to analyze your activities on our website in order to improve and adapt the functionality of our website.
The marketing cookies can be set through our website by our advertising partners in order to create a profile of your interests and to show you relevant advertisements on other websites.
Google Analytics & Google Tag Manager
_gid, _ga_<container-id>, _ga, _gat_gtag_<container-id>
Google Ads & DoubleClick
test_cookie, _gcl_au