int
chroot(
const char *dirname
)
int
fchroot(
int fd
)
dirname
is the address of the pathname of a directory, terminated by an ASCII NUL.
chroot(
)
causes
dirname
to become the root directory,
that is, the starting point for path searches of pathnames
beginning with
`/'.
In order for a directory to become the root directory a process must have execute (search) access for that directory.
If the current working directory is not at or under the new root
directory, it is silently set to the new root directory.
It should be noted that, on most other systems,
chroot()
has no effect on the process's current directory.
This call is restricted to the super-user.
The
fchroot()
function performs the same operation on an open directory file
known by the file descriptor
fd
.
)
will fail and the root directory will be unchanged if:
ENOTDIR
]
ENAMETOOLONG
]
{NAME_MAX}
characters, or an entire path name exceeded
{PATH_MAX}
characters.
ENOENT
]
EACCES
]
ELOOP
]
EFAULT
]
dirname
points outside the process's allocated address space.
EIO
]
EPERM
]
fchroot()
will fail and the root directory will be unchanged if:
EACCES
]
EBADF
]
fd
is not a valid file descriptor.
EIO
]
ENOTDIR
]
fd
does not reference a directory.
EPERM
]
)
function conforms to
X/Open System Interfaces and Headers Issue 5 (``XSH5'') ,
with the restriction that the calling process' working directory must be at
or under the new root directory.
Otherwise, the working directory is silently set to the new root directory;
this is an extension to the standard.
chroot()
was declared a legacy interface, and subsequently removed in
IEEE Std 1003.1-2001 (``POSIX.1'') .
)
function call appeared in
4.2BSD.
Working directory handling was changed in
NetBSD1.4
to prevent one way a process could use a second
chroot(
)
call to a different directory to "escape" from the restricted subtree.
The
fchroot(
)
function appeared in
NetBSD1.4.