First question: why there are two error log files? One is /var/www/mywebsite/error.log, which is specified in <VirtualHost> with the ErrorLog instruction. The other is /var/log/httpd/error_log. I cannot find where it is defined.There is a line outside <VirtualHost> in /etc/httpd/conf/httpd.conf:
ErrorLog "logs/error_log"
But I think this is not corresponding to /var/log/httpd/error_log.
Second question: why the owner of both error log files is root:root, not apache:apache as specified in /etc/httpd/conf/httpd.conf:
User apache
Group apache
Two error log files because there is one for the server overall (concerning start up errors and issues impacting all VirtualHosts) and the ErrorLog in a VirtualHost is limited to error messages specific to events regarding thatVirtualHost. (for instance a 404 error)
The second:
When Apache starts as root (to be able to bind to privileged ports 80 and 443) it can drop privileges and will subsequently run as the user defined in the User directive: Apache. Log files are opened at startup (before dropping privileges) and are therefore owned by the user starting Apache I.e. root.