Seth Woolley's Man Viewer

Manual for chroot - man 2 chroot

([section] manual, -k keyword, -K [section] search, -f whatis)
man plain no title

CHROOT(2)                  Linux Programmer's Manual                 CHROOT(2)



NAME
       chroot(1,2) - change root directory

SYNOPSIS
       #include <unistd.h>

       int chroot(1,2)(const char *path);

DESCRIPTION
       chroot(1,2)  changes  the  root  directory  to that specified in(1,8) path.  This
       directory will be used for path  names  beginning  with  /.   The  root
       directory is inherited by all children of the current process.

       Only  a privileged process (Linux: one with the CAP_SYS_CHROOT capabil-
       ity) may call chroot(1,2)(2).

       This call changes an ingredient in(1,8) the pathname resolution process  and
       does nothing else.

       This  call does not change the current working directory, so that after
       the call `.' can be outside the tree rooted at `/'.  In particular, the
       super-user  can escape from a `chroot(1,2) jail' by doing `mkdir(1,2) foo; chroot(1,2)
       foo; cd ..'.

       This call does not close(2,7,n) open(2,3,n) file(1,n) descriptors, and such file(1,n)  descrip-
       tors may allow access(2,5) to files outside the chroot(1,2) tree.


RETURN VALUE
       On  success,  zero is returned.  On error(8,n), -1 is returned, and errno is
       set(7,n,1 builtins) appropriately.

ERRORS
       Depending on the file(1,n) system, other errors can be returned.   The  more
       general errors are listed below:

       EACCES Search  permission  is denied on a component of the path prefix.
              (See also path_resolution(2).)

       EFAULT path points outside your accessible address space.

       EIO    An I/O error(8,n) occurred.

       ELOOP  Too many symbolic links were encountered in(1,8) resolving path.

       ENAMETOOLONG
              path is too long.

       ENOENT The file(1,n) does not exist.

       ENOMEM Insufficient kernel memory was available.

       ENOTDIR
              A component of path is not a directory.

       EPERM  The caller has insufficient privilege.

CONFORMING TO
       SVr4, SVID, 4.4BSD, X/OPEN.  This function  is  not  part  of  POSIX.1.
       SVr4  documents  additional  EINTR,  ENOLINK and EMULTIHOP error(8,n) condi-
       tions.  X/OPEN does not document EIO, ENOMEM  or  EFAULT  error(8,n)  condi-
       tions.  This interface is marked as legacy by X/OPEN.

NOTES
       FreeBSD has a stronger jail() system call.

SEE ALSO
       chdir(2), path_resolution(2)



Linux 2.6.7                       2004-06-23                         CHROOT(2)

References for this manual (incoming links)