*** UNIX MANUAL PAGE BROWSER ***

A Nergahak database for man pages research.

Navigation

Location: Home > OpenBSD > Section 2 > chroot
Quick Actions: [Home] [Up]

Directory Browser

1Browse 4.4BSD4.4BSD
1Browse Digital UNIXDigital UNIX 4.0e
1Browse FreeBSDFreeBSD 14.3
1Browse MINIXMINIX 3.4.0rc6-d5e4fc0
1Browse NetBSDNetBSD 10.1
1Browse OpenBSDOpenBSD 7.7
1Browse UNIX v7Version 7 UNIX
1Browse UNIX v10Version 10 UNIX

Manual Page Search

Manual Page Result

0 Command: chroot | Section: 2 | Source: OpenBSD | File: chroot.2
CHROOT(2) FreeBSD System Calls Manual CHROOT(2) NAME chroot - change root directory SYNOPSIS #include <unistd.h> int chroot(const char *dirname); DESCRIPTION dirname is the address of the pathname of a directory, terminated by an ASCII NUL. chroot() causes dirname to become the root directory, that is, the starting point for path searches of pathnames beginning with `/'. In order for a directory to become the root directory, a process must have execute (search) access for that directory. If the program is not currently running with an altered root directory, it should be noted that chroot() has no effect on the process's current directory. If the program is already running with an altered root directory, the process's current directory is changed to the same new root directory. This prevents the current directory from being further up the directory tree than the altered root directory. This call is restricted to the superuser. RETURN VALUES Upon successful completion, the value 0 is returned; otherwise the value -1 is returned and the global variable errno is set to indicate the error. EXAMPLES The following example changes the root directory to newroot, sets the current directory to the new root, and drops some setuid privileges. There may be other privileges which need to be dropped as well. #include <err.h> #include <unistd.h> if (chroot(newroot) != 0 || chdir("/") != 0) err(1, "%s", newroot); setresuid(getuid(), getuid(), getuid()); ERRORS chroot() will fail and the root directory will be unchanged if: [ENOTDIR] A component of the pathname is not a directory. [ENAMETOOLONG] A component of a pathname exceeded NAME_MAX characters, or an entire pathname (including the terminating NUL) exceeded PATH_MAX bytes. [ENOENT] The named directory does not exist. [EACCES] Search permission is denied for any component of the pathname. [ELOOP] Too many symbolic links were encountered in translating the pathname. [EFAULT] dirname points outside the process's allocated address space. [EIO] An I/O error occurred while reading from or writing to the file system. [EPERM] The caller is not the superuser. SEE ALSO chdir(2) HISTORY The chroot() system call first appeared in Version 7 AT&T UNIX. CAVEATS There are ways for a root process to escape from the chroot jail. Changes to the directory hierarchy made from outside the chroot jail may allow a restricted process to escape, even if it is unprivileged. Passing directory file descriptors via recvmsg(2) from outside the chroot jail may also allow a process to escape. FreeBSD 14.1-RELEASE-p8 March 31, 2022 FreeBSD 14.1-RELEASE-p8

Navigation Options

Actions: [Home] [Back] [New Search]
Browse: [Browse OpenBSD] [Section 2]
Print/Export: [Print] [Raw Text]
Date: 2025-08-18 Time: 19:23:02 SAST |
Page generated in 0.0211 seconds
Nergahak ManpageViewer v1.4
[Back to Top]