#
Linux #
Launch openconnect without root/sudo #
sudo capsh --caps='cap_net_admin+eip cap_setpcap,cap_setuid,cap_setgid+ep' --user=nobody --keep=1 --addamb=cap_net_admin -- -c 'openconnect -U nobody --csd-user=nobody --protocol=gp vpn.ohmportal.de --csd-wrapper /usr/lib/openconnect/hipreport.sh --user <user>'
(standard openconnect)
(you still need root, but capsh drops it before launching openconnect)