chroot()
changes the root directory of the calling process to that specified in
path.
This directory will be used for pathnames beginning with /.
The root directory is inherited by all children of the calling process.
Only a privileged process (Linux: one with the
CAP_SYS_CHROOT
capability) may call
chroot().
This call changes an ingredient in the pathname resolution process
and does nothing else.
This call does not change the current working directory,
so that after the call aq.aq can
be outside the tree rooted at aq/aq.
In particular, the superuser can escape from a "chroot jail"
by doing:
mkdir foo; chroot foo; cd ..
This call does not close open file descriptors, and such file
descriptors may allow access to files outside the chroot tree.
RETURN VALUE
On success, zero is returned.
On error, -1 is returned, and
errno
is set appropriately.
ERRORS
Depending on the file system, other errors can be returned.
The more general errors are listed below:
EACCES
Search permission is denied on a component of the path prefix.
(See also
path_resolution(7).)
EFAULT
path
points outside your accessible address space.
EIO
An I/O error occurred.
ELOOP
Too many symbolic links were encountered in resolving
path.
ENAMETOOLONG
path
is too long.
ENOENT
The file does not exist.
ENOMEM
Insufficient kernel memory was available.
ENOTDIR
A component of
path
is not a directory.
EPERM
The caller has insufficient privilege.
CONFORMING TO
SVr4, 4.4BSD, SUSv2 (marked LEGACY).
This function is not part of POSIX.1-2001.
NOTES
A child process created via
fork(2)
inherits its parent's root directory.
The root directory is left unchanged by
execve(2).
This page is part of release 3.14 of the Linux
man-pages
project.
A description of the project,
and information about reporting bugs,
can be found at
http://www.kernel.org/doc/man-pages/.
