chroot(8) System Manager's Manual chroot(8)Name
chroot - change root directory for a command
Syntax
/usr/bin/chroot newroot command
Description
The program is executed relative to the new root. The meaning of any initial slashes (/) in path names is changed for a command and any of
its children to newroot. Furthermore, the initial working directory is newroot.
The new root path name is always relative to the current root: even if a is currently in effect, the newroot argument is relative to the
current root of the running process.
Restrictions
This program is restricted to processes with appropriate privileges.
Use extreme caution when referencing special files in the new root file system.
Examples
The following example will create the file x relative to the original root, not the new one.
% chroot newroot command >x
See Alsochdir(2), chroot(2)chroot(8)
Check Out this Related Man Page
chroot(1M) System Administration Commands chroot(1M)NAME
chroot - change root directory for a command
SYNOPSIS
/usr/sbin/chroot newroot command
DESCRIPTION
The chroot utility causes command to be executed relative to newroot. The meaning of any initial slashes (/) in the path names is changed
to newroot for command and any of its child processes. Upon execution, the initial working directory is newroot.
Notice that redirecting the output of command to a file,
chroot newroot command >x
will create the file x relative to the original root of command, not the new one.
The new root path name is always relative to the current root. Even if a chroot is currently in effect, the newroot argument is relative to
the current root of the running process.
This command can be run only by the super-user.
RETURN VALUES
The exit status of chroot is the return value of command.
EXAMPLES
Example 1 Using the chroot Utility
The chroot utility provides an easy way to extract tar files (see tar(1)) written with absolute filenames to a different location. It is
necessary to copy the shared libraries used by tar (see ldd(1)) to the newroot filesystem.
example# mkdir /tmp/lib; cd /lib
example# cp ld.so.1 libc.so.1 libcmd.so.1 libdl.so.1
libsec.so.1 /tmp/lib
example# cp /usr/bin/tar /tmp
example# dd if=/dev/rmt/0 | chroot /tmp tar xvf -
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsu |
+-----------------------------+-----------------------------+
SEE ALSO cd(1), tar(1), chroot(2), ttyname(3C), attributes(5)NOTES
Exercise extreme caution when referencing device files in the new root file system.
References by routines such as ttyname(3C) to stdin, stdout, and stderr will find that the device associated with the file descriptor is
unknown after chroot is run.
SunOS 5.11 15 Dec 2003 chroot(1M)
Hi, I'm new to linux and unix, and i have couple of problems:
1) how can i limit the access for a user, for example, i created a user, and i want that this user will be able to be only in one directory, and will see only the files i want him to.
2) I have a domain name, and i want that every... (4 Replies)
restricted access...
Hi
I need to restrict users shell access to only $HOME under /home for each user. I don't want them getting out of their own directories. From what I understand chroot is something I could use, but I want to avoid this since it involves creating symbolic links to a number... (9 Replies)
I need to create a user that only has access to 1 directory (e.g. /vol/mita/test). The user needs to be able to rsh into that directory to run a script. The user should not be able to navigate to any other directories above /vol/mita/test. Any help would be appreciated! (4 Replies)
Hi all,
I am using RHEL 5.0
I need a user say test to have full access to two directories, say /tmp1 & /tmp2 only other than his home directory.
I do not want to change his login shell which is ksh or bash by default.
Moreover, he should not even have read access of other directories.
... (10 Replies)
specifically - I don't need to restrict a user to a single directory - but I want them to be "ROOTED" to their home directory.
so if my home directory is /home/onlyme
when I login - if I do a pwd - I want to see:
/
but in real life I will be in /home/onlyme - it just appears as root to... (10 Replies)
Hi all. I have installed openssh 5.3 and set up jailed root.
It works almost as I want it to I cant cd to any directory above my ch root.
my config :
entry in passwd:
test2:x:103:113::/users2/test2:/bin/false
sshd_conf:
Match User test2
ChrootDirectory /users2/%u
# ... (4 Replies)
Hi all,
I have a tar file that was done with tar -cvf <tar_file> /directory.
Is there any way that I can untar this, i.e. tar -xvf <tar_file> into a different directory?
So far Google said you can't do tar -xvf to a different directory.
Unfortunately, am not the one doing the tar -cvf... (9 Replies)
Firstly Hi everyone :)
I setup SFTP and SSH jail using this tutorial:
http://www.howtoforge.com/chrooted-ssh-sftp-tutorial-debian-lenny
SFTP jail works however now when I try to SSH it accepts my password and then just goes to a blank screen. Type any command and the shell session is... (11 Replies)
I have a simple sandbox program which runs a command as user "nobody" in a chroot jail. It sets resource limits with setrlimit, changes the user id with setuid, changes the root dir with chroot, and then calls exec to execute the command given as command line parameters. It is of course a... (8 Replies)
Hello, I installed 'vsftpd' and scrolled through the config file. I liked to change the chroot-setting. Now I can't connect to a subfolder anymore - it is a link to a subfolder to my mainfolder for the www-content ( /var/www/userxxx ). Is there a way to use chroot und use links to folders at... (4 Replies)
Hello,
I have a weird issue, I have RHEL 5.7 running with openssh5.2 where sftpgroup OS group is chroot. I see the difference difference in timestamp on files, when I login via ssh and SFTP, I see four hour difference, is something missing in my configuration.
#pwd... (8 Replies)
I needed to set up an sftp server for an external user to upload data for an internal developer.
What I did was created a chrooted user for the external guy, and then created an internal group with full permissions to that directory and then made the internal developer a member of that group so... (5 Replies)
I am really confused as to why a tool like fakechroot exists and what does it do.
Chroot is an ability only for root users, correct? Then a tool that allows to bypass that is clearly a security flaw, correct?
When and why would you need something like this?
Is there any relation between... (7 Replies)
The script works and creates a modified iso fine until I added the chrootbeg and chrootend functions and executed them. I'm sorry if I did something wrong this is my first post. I uploaded entire bash script for reference or in case you want to run it to debug it is called isoremast.txt.
... (5 Replies)