1.\" $NetBSD: chroot.2,v 1.20 2003/04/16 13:34:51 wiz Exp $ 2.\" 3.\" Copyright (c) 1983, 1991, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. All advertising materials mentioning features or use of this software 15.\" must display the following acknowledgement: 16.\" This product includes software developed by the University of 17.\" California, Berkeley and its contributors. 18.\" 4. Neither the name of the University nor the names of its contributors 19.\" may be used to endorse or promote products derived from this software 20.\" without specific prior written permission. 21.\" 22.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32.\" SUCH DAMAGE. 33.\" 34.\" @(#)chroot.2 8.1 (Berkeley) 6/4/93 35.\" 36.Dd April 18, 2001 37.Dt CHROOT 2 38.Os 39.Sh NAME 40.Nm chroot 41.Nd change root directory 42.Sh LIBRARY 43.Lb libc 44.Sh SYNOPSIS 45.In unistd.h 46.Ft int 47.Fn chroot "const char *dirname" 48.Ft int 49.Fn fchroot "int fd" 50.Sh DESCRIPTION 51.Fa dirname 52is the address of the pathname of a directory, terminated by an ASCII NUL. 53.Fn chroot 54causes 55.Fa dirname 56to become the root directory, 57that is, the starting point for path searches of pathnames 58beginning with 59.Ql / . 60.Pp 61In order for a directory to become the root directory 62a process must have execute (search) access for that directory. 63.Pp 64If the current working directory is not at or under the new root 65directory, it is silently set to the new root directory. 66It should be noted that, on most other systems, 67.Fn chroot 68has no effect on the process's current directory. 69.Pp 70This call is restricted to the super-user. 71.Pp 72The 73.Fn fchroot 74function performs the same operation on an open directory file 75known by the file descriptor 76.Fa fd . 77.Sh RETURN VALUES 78Upon successful completion, a value of 0 is returned. 79Otherwise, a value of -1 is returned and 80.Va errno 81is set to indicate an error. 82.Sh ERRORS 83.Fn chroot 84will fail and the root directory will be unchanged if: 85.Bl -tag -width Er 86.It Bq Er ENOTDIR 87A component of the path name is not a directory. 88.It Bq Er ENAMETOOLONG 89A component of a pathname exceeded 90.Dv {NAME_MAX} 91characters, or an entire path name exceeded 92.Dv {PATH_MAX} 93characters. 94.It Bq Er ENOENT 95The named directory does not exist. 96.It Bq Er EACCES 97Search permission is denied for any component of the path name. 98.It Bq Er ELOOP 99Too many symbolic links were encountered in translating the pathname. 100.It Bq Er EFAULT 101.Fa dirname 102points outside the process's allocated address space. 103.It Bq Er EIO 104An I/O error occurred while reading from or writing to the file system. 105.It Bq Er EPERM 106The effective user ID of the calling process is not the super-user. 107.El 108.Pp 109.Fn fchroot 110will fail and the root directory will be unchanged if: 111.Bl -tag -width Er 112.It Bq Er EACCES 113Search permission is denied for the directory referenced 114by the file descriptor. 115.It Bq Er EBADF 116The argument 117.Fa fd 118is not a valid file descriptor. 119.It Bq Er EIO 120An I/O error occurred while reading from or writing to the file system. 121.It Bq Er ENOTDIR 122The argument 123.Fa fd 124does not reference a directory. 125.It Bq Er EPERM 126The effective user ID of the calling process is not the super-user. 127.El 128.Sh SEE ALSO 129.Xr chdir 2 130.Sh STANDARDS 131The 132.Fn chroot 133function conforms to 134.St -xsh5 , 135with the restriction that the calling process' working directory must be at 136or under the new root directory. 137Otherwise, the working directory is silently set to the new root directory; 138this is an extension to the standard. 139.Pp 140.Fn chroot 141was declared a legacy interface, and subsequently removed in 142.St -p1003.1-2001 . 143.Sh HISTORY 144The 145.Fn chroot 146function call appeared in 147.Bx 4.2 . 148Working directory handling was changed in 149.Nx 1.4 150to prevent one way a process could use a second 151.Fn chroot 152call to a different directory to "escape" from the restricted subtree. 153The 154.Fn fchroot 155function appeared in 156.Nx 1.4 . 157