chroot — change root directory
#include <unistd.h>
int
chroot( |
const char * | path) ; |
chroot
() changes the root
directory to that specified in path
. This directory will be
used for pathnames beginning with /. The root directory is
inherited by all children of the current process.
Only a privileged process (Linux: one with the
CAP_SYS_CHROOT
capability) may
call chroot(2).
This call changes an ingredient in the pathname resolution process and does nothing else.
This call does not change the current working directory, so that after the call `.' can be outside the tree rooted at `/'. In particular, the superuser can escape from a `chroot jail' by doing `mkdir foo; chroot foo; cd ..'.
This call does not close open file descriptors, and such file descriptors may allow access to files outside the chroot tree.
On success, zero is returned. On error, −1 is
returned, and errno
is set
appropriately.
Depending on the file system, other errors can be returned. The more general errors are listed below:
Search permission is denied on a component of the path prefix. (See also path_resolution(2).)
path
points
outside your accessible address space.
An I/O error occurred.
Too many symbolic links were encountered in
resolving path
.
path
is too
long.
The file does not exist.
Insufficient kernel memory was available.
A component of path
is not a
directory.
The caller has insufficient privilege.
A child process created via fork(2) inherits its parent's root directory. The root directory is left unchanged by execve(2).
FreeBSD has a stronger jail
() system call.
|