When a connection to port 80 is established, I read that these client requests are handled by child servers(in case of prefork MPM) or server thread(in worker MPM) but not by master server(the apache process that is started first by the root user and which is responsible for forking new child). But how, these child servers and server threads run as non-privileged users and so how can they access the privileged port 80 which can only be done by the 'master server'. Please throw some light on this. I have never seen any explanation anywhere.
+1
A:
You only need privileges to start listening on a privileged port. If the process is started as root, then it can bind() on port 80, and then drop privileges. It will no longer be root, but as long as it does not close the filedescriptor that listens to port 80, it will continue to be able to accept new connections on port 80.
To fork new processes, you need no special rights....
Peter
2010-10-30 13:36:26
Thanks for the response :) So all the request handling in apache is done by child server (in case of prefork implementation) or server threads(in case of worker implementation) and no request is being served by the master server?
2010-10-30 13:51:12
That is correct, the master server only accepts a connection, chooses which child server is going to handle the request, and hands the request over to the child process.
Peter
2010-10-30 14:16:09
But I read in "The Apache Modeling Project Documentation" the master server creates child. In prefork model there is 'a listener'and'multiple idle worker' child. In this pool of child, they can be considered to stand in a queue. The child standing 1st known as the 'Listener' and all the rest, counted from the 2nd child are known as the 'Idle Worker'. Only the listener child is allowed to listen for connection from sockets(ie.e on port80). When a request is received, this child makes a transition in its state from 'Listener' to 'Worker'.
2010-10-31 03:55:44
This particular child then goes on to process the received request. In the meantime the child which was standing 2nd gets the 'Listener' status. When the 1st child, which became the 'worker', is done processing the request, it will change its state back to 'Idle Worker' and will then stand at the end of the same queue in which it was standing 1st previously. This cycle repeats as each request arrives. Each child server will only handle one request at a time.
2010-10-31 03:56:06
In case of worker implementation, the only difference being that the Listener is a 'thread'. So, be it worker or prefork implementation, the child or thread, which is the listener is only allowed to listen for connection and when connection is established with this and is request is received through this connection, it goes on to process the request.
2010-10-31 03:56:26
So in this model how can we say that the master server is the one that accepts connections on port 80? This was the big question and the reason for me asking my 1st question. Please explain.
2010-10-31 03:56:49
2010-10-31 03:57:24
I do not assert that what I said is right. It is what I understood from reading the document at the link I specified :) Please do rectify.
2010-10-31 03:58:13