Why Apache child process runs as root?
5,406
any process that binds to a port under 1024 (privileged port) needs to be run as root to bind. So the main apache process binds to the port and opens log files and does a few other root only items.
Then it will spawn off the children to do all the work of handling requests.
Related videos on Youtube
Comments
-
dimsh almost 2 years
I am running Ubuntu server 10.10 with Apache2-mpm-prefork and apache2-mod-php5, I am using:
User www-data Group www-data
in the configuration file, when executing
ps -efH
I get these lines:root 1497 1 0 09:43 ? 00:00:00 /usr/sbin/apache2 -k start root 1530 1497 0 09:43 ? 00:00:00 /usr/sbin/apache2 -k start www-data 1531 1497 0 09:43 ? 00:00:00 /usr/sbin/apache2 -k start www-data 1532 1497 0 09:43 ? 00:00:00 /usr/sbin/apache2 -k start
Apparently, a child process is running as root but why?
This also happened when I compiled Apache myself, I can't find a reason, and I do not know yet if this root-child process is serving requests or not.
-
ceving almost 13 yearsIt might help to take a look at the open files of the specific process. You can do it via the proc interface:
ls -l /proc/1530/fd/
. Or you can analyze the process with:lsof -p 1530
. Maybe this gives you some hints.
-
-
Joe H. almost 13 yearsthat explains the process 1497, but doesn't explain 1530, which is one of the children.
-
Nils almost 13 yearsWhat does
netstat -tlnp
show for your http-port? It is propably attached to PID 1530. -
Mike almost 13 yearsyou have a module or something that spawned off another process that needed to be root. I've seen some oracle stuff do that.