Configuring Apache User/Group Permissions in Mac OS X 10.6 (Snow Leopard)


2 views

In OS X 10.6 (Snow Leopard), Apache HTTP Server runs under the following credentials by default:

User: _www
Group: _www

These are system accounts created specifically for web services, with intentionally restricted privileges for security reasons.

To confirm your Apache process ownership, run:

ps aux | grep httpd

Sample output showing the _www user:

_www     12345  0.0  0.5  2468100  42000   ??  S    10:00AM   0:00.25 /usr/sbin/httpd

When setting permissions for web directories, follow this pattern:

sudo chown -R yourusername:_www /path/to/webroot
sudo chmod -R 750 /path/to/webroot
sudo chmod -R g+s /path/to/webroot

Key points:

  • Set owner to your admin account (for maintenance)
  • Set group to _www (for Apache access)
  • 750 permissions give owner full access, group read/execute
  • g+s ensures new files inherit group permissions

For a virtual host at /Users/Shared/WebSites/mysite:

<VirtualHost *:80>
    ServerName mysite.local
    DocumentRoot "/Users/Shared/WebSites/mysite"
    <Directory "/Users/Shared/WebSites/mysite">
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

If encountering 403 Forbidden errors:

# Check directory permissions
ls -ld /path/to/problem/directory

# Check Apache error log
tail -n 20 /var/log/apache2/error_log

# Test with temporary open permissions
sudo chmod 755 /path/to/problem/directory

Remember to tighten permissions after testing.

In macOS 10.6 Snow Leopard, the Apache web server runs under the following default credentials:

User: _www
Group: _www

These are special system accounts created specifically for web services. The underscore prefix indicates they're system users rather than regular user accounts.

To confirm the running Apache instance's user/group, use this terminal command:

ps aux | grep httpd

You'll see output similar to:

_www      12345  0.0  0.3  2467528  12576   ??  S     3:45PM   0:00.01 /usr/sbin/httpd -D FOREGROUND

When setting permissions for web directories, use these patterns:

# For directories
sudo chown -R _www:_www /path/to/webroot
sudo chmod -R 755 /path/to/webroot

# For files
sudo find /path/to/webroot -type f -exec chmod 644 {} \;

In your httpd.conf or virtual host files, ensure the user/group directives match:

<VirtualHost *:80>
    ServerName example.com
    DocumentRoot "/path/to/webroot"
    User _www
    Group _www
    <Directory "/path/to/webroot">
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

Common permission-related errors and solutions:

# If getting "Permission denied" errors:
sudo chmod +x /path/to/parent/directory

# For PHP file upload issues:
sudo chown -R _www:_www /path/to/upload/directory
sudo chmod -R 755 /path/to/upload/directory

Best practices for production environments:

  • Never run Apache as root or your personal user account
  • Keep the _www user in its own group
  • Use 750 permissions for sensitive directories
  • Regularly audit your file permissions with:
ls -la /path/to/webroot