I am running Ubuntu server 10.10 with Apache2-mpm-prefork and apache2-mod-php5, I am using:
User www-data
Group www-data
in the configuration file, when executing ps -efH
I get these lines:
root 1497 1 0 09:43 ? 00:00:00 /usr/sbin/apache2 -k start
root 1530 1497 0 09:43 ? 00:00:00 /usr/sbin/apache2 -k start
www-data 1531 1497 0 09:43 ? 00:00:00 /usr/sbin/apache2 -k start
www-data 1532 1497 0 09:43 ? 00:00:00 /usr/sbin/apache2 -k start
Apparently, a child process is running as root but why?
This also happened when I compiled Apache myself, I can't find a reason, and I do not know yet if this root-child process is serving requests or not.
Best Answer
any process that binds to a port under 1024 (privileged port) needs to be run as root to bind. So the main apache process binds to the port and opens log files and does a few other root only items.
Then it will spawn off the children to do all the work of handling requests.