Default Apache User/Group Configuration in CentOS 5/6: Technical Reference for System Administrators


2 views

In CentOS 5/6 systems, Apache HTTP Server runs under a dedicated system account for security purposes. The default configuration follows the principle of least privilege, where the web server operates with minimal necessary permissions.

The default user/group assignments are:

# CentOS 5/6 default Apache configuration
User apache
Group apache

These values are defined in the main configuration file:

/etc/httpd/conf/httpd.conf

To confirm the current running user/group:

ps aux | grep httpd
# Or alternatively:
ps -ef | grep httpd

Sample output showing process ownership:

apache   12345  0.0  0.5 123456 7890 ? S    12:34   0:00 /usr/sbin/httpd

The primary configuration file contains these settings near the top:

# Example from /etc/httpd/conf/httpd.conf
# User/Group: The name (or #number) of the user/group to run httpd as.
User apache
Group apache

When modifying these values:

  • Never run Apache as root
  • The specified user should have restricted shell access (/sbin/nologin)
  • Ensure proper ownership of web directories: 
    chown -R apache:apache /var/www/html

Common permission-related errors and solutions:

# Error: (13)Permission denied
sudo setsebool -P httpd_read_user_content 1

# Error: Forbidden (403)
sudo chmod 755 /var/www/html
sudo chown apache:apache -R /var/www/html

To change the default user (advanced scenario):

# Create new system user
sudo useradd -r -s /sbin/nologin webadmin

# Update httpd.conf
User webadmin
Group webadmin

# Restart Apache
sudo service httpd restart


In CentOS 5 and 6, Apache HTTP Server (httpd) runs under a dedicated system user and group for security isolation. The default configuration uses:

User apache
Group apache

To check the current Apache user/group settings:

grep -E '^User|^Group' /etc/httpd/conf/httpd.conf

Sample output for CentOS 5/6:

User apache
Group apache

Verify running Apache processes:

ps aux | grep httpd
# Or for process hierarchy:
pstree -p | grep httpd

When setting up web directories, ensure proper permissions:

chown -R apache:apache /var/www/html/
chmod -R 755 /var/www/html/

To modify the default user/group (not recommended for security reasons):

# Edit /etc/httpd/conf/httpd.conf
User newuser
Group newgroup
# Then restart Apache:
service httpd restart

If using SELinux, verify context:

ls -Z /var/www/html
chcon -R -t httpd_sys_content_t /var/www/html

Common errors and solutions:

# Permission denied errors:
setenforce 0 # Temporarily disable SELinux for testing
chmod 755 /var/log/httpd/ # Ensure log directory accessibility