elastic · vishaangelova · Dec 19, 2025 · Dec 19, 2025
@@ -13,7 +13,11 @@
 
 Beginning with {{stack}} version 8.15, {{agent}} is no longer required to be run by a user with superuser privileges. You can now run agents in an `unprivileged` mode that does not require `root` access on Linux or macOS, or `admin` access on Windows. Being able to run agents without full administrative privileges is often a requirement in organizations where this kind of access is often limited.
 
+:::{note}
+Unprivileged mode is not supported for {{agent}} installed using RPM or DEB packages. To use unprivileged mode on Linux, you must install {{agent}} using the tarball (`.tar.gz`) distribution.
+:::
+
 In general, agents running without full administrative privileges will perform and behave exactly as those run by a superuser. There are certain integrations and data streams that are not available, however. If an integration requires root access, this is [indicated on the integration main page](#unprivileged-integrations).
 
 You can also [change the privilege mode](#unprivileged-change-mode) of an {{agent}} after it has been installed.

@@ -64,6 +68,8 @@
 
 ### Considerations
 
+If you installed {{agent}} using an RPM or DEB package, the commands related to unprivileged mode will not work. To use unprivileged mode on Linux, you must install {{agent}} using the tarball (`.tar.gz`) distribution.
+
 When running {{agent}} in `unprivileged` mode on Linux systems, consider the following:
 
 * You must use `sudo` to run the `elastic-agent install` command because only the root user can install new services. After {{agent}} is installed with the `--unprivileged` flag, the service does not run as root, and you can run {{agent}} commands without being the root user.
@@ -167,7 +173,11 @@
 
 ## Changing an {{agent}}'s privilege mode [unprivileged-change-mode]
 
-For any installed {{agent}} you can change the mode that it’s running in by running the `privileged` or `unprivileged` subcommand.
+For any installed {{agent}} you can change the mode that it's running in by running the `privileged` or `unprivileged` subcommand.
+
+:::{note}
+Changing privilege modes is not supported for {{agent}} installed using RPM or DEB packages.
+:::
 
 Change mode from privileged to unprivileged:
 
@@ -239,6 +249,10 @@
 
 In certain cases you may want to install {{agent}} in `unprivileged` mode, with the agent running as a pre-existing user or as part of a pre-existing group. For example, on a Windows system you may have a service account in Active Directory and you'd like {{agent}} to run under that account.
 
+:::{note}
+This functionality is not supported for {{agent}} installed using RPM or DEB packages.
+:::
+
 :::{admonition} Active Directory to determine user group
 :applies_to: stack: preview
 The ability to interface with Active Directory to determine the user group is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.