chroot(2) System Calls Manual chroot(2) chroot - LIBRARY Standard C library (libc, -lc) #include int chroot(const char *path); glibc (. feature_test_macros(7)): chroot(): Since glibc 2.2.2: _XOPEN_SOURCE && ! (_POSIX_C_SOURCE >= 200112L) || /* Since glibc 2.20: */ _DEFAULT_SOURCE || /* glibc <= 2.19: */ _BSD_SOURCE Before glibc 2.2.2: none chroot() , path. , /. . (Linux: CAP_SYS_CHROOT ) chroot(). . , , (sandbox) . , chroot() open(2). , chroot, chroot. -- chdir(2) , , , , , ../../../etc/passwd. chdir(2) , , . < >>, , chroot, , . This call does not change the current working directory, so that after the call '.' can be outside the tree rooted at '/'. In particular, the superuser can escape from a "chroot jail" by doing: mkdir foo; chroot foo; cd .. chroot. On success, zero is returned. On error, -1 is returned, and errno is set to indicate the error. . : EACCES - (. path_resolution(7).) EFAULT path . EIO -. ELOOP path . ENAMETOOLONG path . ENOENT . ENOMEM . ENOTDIR path . EPERM . None. SVr4, 4.4BSD, SUSv2 ( ). POSIX.1-2001. , fork(2), . execve(2) . The magic symbolic link, /proc/pid/root, can be used to discover a process's root directory; see proc(5) for details. FreeBSD jail(). . chroot(1), chdir(2), pivot_root(2), path_resolution(7), switch_root(8) Azamat Hackimov , Dmitriy S. Seregin , Dmitry Bolkhovskikh , Katrin Kutepova , Yuri Kozlov ; GNU 3 , . . , , . Linux man-pages 6.06 31 2023 . chroot(2)