Why Apache child process runs as root?
5,406
any process that binds to a port under 1024 (privileged port) needs to be run as root to bind. So the main apache process binds to the port and opens log files and does a few other root only items.
Then it will spawn off the children to do all the work of handling requests.
Related videos on Youtube
06 : 28
Understanding What a Parent and a Child Process Is In Linux (RHCSA 8, Lesson 11B)
15 : 37
Understanding fork() system call for new process creation
03 : 15
UNIX PROGRAMMING(PART -61) The Process (Parent and Child Processes)
02 : 36
Why Apache child process runs as root? (2 Solutions!!)
01 : 41
DevOps & SysAdmins: How do child apache processes listen if they are root?
Comments
-
dimsh almost 2 years
I am running Ubuntu server 10.10 with Apache2-mpm-prefork and apache2-mod-php5, I am using:
User www-data Group www-datain the configuration file, when executing
ps -efHI get these lines:root 1497 1 0 09:43 ? 00:00:00 /usr/sbin/apache2 -k start root 1530 1497 0 09:43 ? 00:00:00 /usr/sbin/apache2 -k start www-data 1531 1497 0 09:43 ? 00:00:00 /usr/sbin/apache2 -k start www-data 1532 1497 0 09:43 ? 00:00:00 /usr/sbin/apache2 -k startApparently, a child process is running as root but why?
This also happened when I compiled Apache myself, I can't find a reason, and I do not know yet if this root-child process is serving requests or not.
-
ceving almost 13 yearsIt might help to take a look at the open files of the specific process. You can do it via the proc interface:ls -l /proc/1530/fd/. Or you can analyze the process with:lsof -p 1530. Maybe this gives you some hints.
-
-
Joe H. almost 13 yearsthat explains the process 1497, but doesn't explain 1530, which is one of the children.
-
Nils almost 13 yearsWhat does
netstat -tlnpshow for your http-port? It is propably attached to PID 1530. -
Mike almost 13 yearsyou have a module or something that spawned off another process that needed to be root. I've seen some oracle stuff do that.
