On 05/22/2013 05:01 PM, Jarry wrote: > Hi Gentoo community, > > I modified apache config to have it running on non-private > port 8080. I restarted apache and verified that it is > really listening on port 8080 (netstat). But when I check > all running apache processes for owners, I see there is still > one apache process running as root (rest are running as > "apache" user). > > So my question is: how can I run apache completely as non-root > user? IIRC, "root" is necessary only if I want to use "low" > port numbers (0-1023), but my apache is using 8080... >
That's the parent process; it doesn't actually handle any requests, it just hands them off to a child process running as another user/group. Apache needs to be root to both (a) bind to ports < 1024, and (b) switch to the user/group specified in httpd.conf. If you don't need to do either of those, try starting apache as the user you want it to run as. You'll probably need to write your own init scripts, since the stock ones assume that you're root.
