NAME
chroot —
change root directory
LIBRARY
Standard C Library (libc, -lc)
SYNOPSIS
#include <unistd.h>
int
chroot(
const char
*dirname);
int
fchroot(
int
fd);
DESCRIPTION
dirname is the address of the pathname of a directory,
terminated by an ASCII NUL.
chroot() causes
dirname to become the root directory, that is, the
starting point for path searches of pathnames beginning with
‘
/
’.
In order for a directory to become the root directory a process must have
execute (search) access for that directory.
If the current working directory is not at or under the new root directory, it
is silently set to the new root directory. It should be noted that, on most
other systems,
chroot() has no effect on the process's
current directory.
This call is restricted to the super-user.
The
fchroot() function performs the same operation on an open
directory file known by the file descriptor
fd.
RETURN VALUES
Upon successful completion, a value of 0 is returned. Otherwise, a value of -1
is returned and
errno is set to indicate an error.
ERRORS
chroot() will fail and the root directory will be unchanged
if:
-
-
- [
ENOTDIR
]
- A component of the path name is not a directory.
-
-
- [
ENAMETOOLONG
]
- A component of a pathname exceeded
{
NAME_MAX
} characters, or an entire path name
exceeded {PATH_MAX
} characters.
-
-
- [
ENOENT
]
- The named directory does not exist.
-
-
- [
EACCES
]
- Search permission is denied for any component of the path
name.
-
-
- [
ELOOP
]
- Too many symbolic links were encountered in translating the
pathname.
-
-
- [
EFAULT
]
- dirname points outside the process's
allocated address space.
-
-
- [
EIO
]
- An I/O error occurred while reading from or writing to the
file system.
-
-
- [
EPERM
]
- The effective user ID of the calling process is not the
super-user.
fchroot() will fail and the root directory will be unchanged
if:
-
-
- [
EACCES
]
- Search permission is denied for the directory referenced by
the file descriptor.
-
-
- [
EBADF
]
- The argument fd is not a valid file
descriptor.
-
-
- [
EIO
]
- An I/O error occurred while reading from or writing to the
file system.
-
-
- [
ENOTDIR
]
- The argument fd does not reference a
directory.
-
-
- [
EPERM
]
- The effective user ID of the calling process is not the
super-user.
SEE ALSO
chdir(2)
STANDARDS
The
chroot() function conforms to
X/Open
System Interfaces and Headers Issue 5 (“XSH5”), with
the restriction that the calling process' working directory must be at or
under the new root directory. Otherwise, the working directory is silently set
to the new root directory; this is an extension to the standard.
chroot() was declared a legacy interface, and subsequently
removed in
IEEE Std 1003.1-2001
(“POSIX.1”).
HISTORY
The
chroot() function call appeared in
4.2BSD. Working directory handling was changed in
NetBSD 1.4 to prevent one way a process could use a
second
chroot() call to a different directory to
"escape" from the restricted subtree. The
fchroot() function appeared in
NetBSD
1.4.