Solutions
ForgeRock Identity Platform
ForgeRock Identity Cloud

Unable to find the "User" entry in the httpd.conf file error when installing the Apache Web Agent (All versions)

Last updated Sep 22, 2021

The purpose of this article is to provide assistance if you receive errors about users and groups when installing the Apache™ Web agent. You will see "Unable to find the "User" entry in the httpd.conf file, will try APACHE_RUN_USER environment variable" and/or "Unable to find the "Group" entry in the httpd.conf file, will try APACHE_RUN_GROUP environment variable" errors.


Symptoms

The following error is shown when installing the Web agent:

OpenAM Web Agent for Apache Server installation. Validating... Error validating OpenAM - Agent configuration. Installation failed.

The corresponding Install log shows the following errors:

2017-09-17 10:11:23 OpenAM Web Agent for Apache server silent installation 2017-09-17 10:11:23 license accepted with --acceptLicence option 2017-09-17 10:11:23 license was accepted earlier 2017-09-17 10:11:23 Unable to find the "User" entry in the httpd.conf file, will try APACHE_RUN_USER environment variable 2017-09-17 10:11:23 Unable to find the "Group" entry in the httpd.conf file, will try APACHE_RUN_GROUP environment variable 2017-09-17 10:11:23 am_agent_login(): closing connection after failure 2017-09-17 10:11:23 error validating OpenAM agent configuration 2017-09-17 10:11:23 installation error 2017-09-17 10:11:23 installation exit

Alternatively, you may not see an error when you install but instead see the following error in the error_log (located in the /path/to/apache/logs directory) when you start the server:

[unixd:alert] [pid 6616:tid 140758435143128] AH02155: getpwuid: couldn't determine user name from uid 4294967295, you probably need to modify the User directive

Recent Changes

N/A

Causes

These errors occur when the user and group are not set in the Apache httpd.conf file (located in the path/to/apache/conf directory) or in the APACHE_RUN_USER and APACHE_RUN_GROUP environment variables (envvars file). The Apache worker process requires read/write access to the agent configuration and log files. These entries ensure that Apache is running with the correct user context and that the Agent files are created in a way that is owned and accessible to them.

Solution

This issue can be resolved as follows:

  1. Check whether the user and group are set; you can do this via the httpd.conf file or equivalent file (such as envvars). For example:
    • Review the httpd.conf file and check whether the user and group are set. By default, they are set to apache, for example: $ cat httpd.conf | grep 'User\|Group' ... User apache Group apache ..If they are not set, you should set them; you can set them to apache or nobody.
    • Review the envvars file to ensure the user and group are set in the APACHE_RUN_USER and APACHE_RUN_GROUP environment variables. For example: $ cat envvars | grep 'APACHE_RUN_USER\|APACHE_RUN_GROUP' export APACHE_RUN_USER=apache export APACHE_RUN_GROUP=apacheIf they are not set, you should set them; you can set them to apache or nobody.
  2. Review the passwd and group files to check whether the user and group match what is set in your httpd.conf file or equivalent. For example: $ cat /etc/passwd | grep apache apache:x:48:48:apache:/usr/share/httpd:/sbin/nologin $ cat /etc/group | grep apache apache:x:48:

If they are not set, you should set them to match what is in the httpd.conf file or equivalent.

Note

The Agent installer can change the ownership to the same User and Group specified in the Apache configuration. For further details on using the installer to set the appropriate permissions. See Install the Apache Web Agent.

See Also

Installing a Web Agent (All versions) fails with a no ssl/library support error

Install the Apache Web Agent

Related Training

N/A

Related Issue Tracker IDs

N/A


Copyright and Trademarks Copyright © 2021 ForgeRock, all rights reserved.