CHROOT(2) NetBSD System Calls Manual CHROOT(2)
NAME
chroot -- change root directory
LIBRARY
Standard C Library (libc, -lc)
SYNOPSIS
#include <unistd.h>
int
chroot(const char *dirname);
int
fchroot(int fd);
DESCRIPTION
dirname is the address of the pathname of a directory, terminated by an
ASCII NUL. chroot() causes dirname to become the root directory, that
is, the starting point for path searches of pathnames beginning with `/'.
In order for a directory to become the root directory a process must have
execute (search) access for that directory.
If the current working directory is not at or under the new root direc-
tory, it is silently set to the new root directory. It should be noted
that, on most other systems, chroot() has no effect on the process's cur-
rent directory.
This call is restricted to the super-user.
The fchroot() function performs the same operation on an open directory
file known by the file descriptor fd.
RETURN VALUES
Upon successful completion, a value of 0 is returned. Otherwise, a value
of -1 is returned and errno is set to indicate an error.
ERRORS
chroot() will fail and the root directory will be unchanged if:
[ENOTDIR] A component of the path name is not a directory.
[ENAMETOOLONG] A component of a pathname exceeded {NAME_MAX} charac-
ters, or an entire path name exceeded {PATH_MAX} char-
acters.
[ENOENT] The named directory does not exist.
[EACCES] Search permission is denied for any component of the
path name.
[ELOOP] Too many symbolic links were encountered in translat-
ing the pathname.
[EFAULT] dirname points outside the process's allocated address
space.
[EIO] An I/O error occurred while reading from or writing to
the file system.
[EPERM] The effective user ID of the calling process is not
the super-user.
fchroot() will fail and the root directory will be unchanged if:
[EACCES] Search permission is denied for the directory refer-
enced by the file descriptor.
[EBADF] The argument fd is not a valid file descriptor.
[EIO] An I/O error occurred while reading from or writing to
the file system.
[ENOTDIR] The argument fd does not reference a directory.
[EPERM] The effective user ID of the calling process is not
the super-user.
SEE ALSO
chdir(2)
STANDARDS
The chroot() function conforms to X/Open System Interfaces and Headers
Issue 5 (``XSH5''), with the restriction that the calling process' work-
ing directory must be at or under the new root directory. Otherwise, the
working directory is silently set to the new root directory; this is an
extension to the standard.
chroot() was declared a legacy interface, and subsequently removed in
IEEE Std 1003.1-2001 (``POSIX.1'').
HISTORY
The chroot() function call appeared in 4.2BSD. Working directory han-
dling was changed in NetBSD 1.4 to prevent one way a process could use a
second chroot() call to a different directory to "escape" from the
restricted subtree. The fchroot() function appeared in NetBSD 1.4.
NetBSD 5.0 April 18, 2001 NetBSD 5.0
