These classnotes are deprecated. As of 2005, I no longer teach the classes. Notes will remain online for legacy purposes.

UNIX02/Concepts Of Chroot


chroot is one of those staggeringly versatile commands under UNIX that almost no one uses fully. chroot runs a command or interactive shell from a special root directory. What does this mean?

Well, perhaps I should give an example. Let's say you have a directory tree under UNIX like the following:

 /
 /bin
 /home
 /sbin
 /target
     |- bin/
     |- sbin/
     |- usr/
     |- home/
 /usr

Suppose that under /target you have a complete installation of standard UNIX files. You could use chroot to place yourself into the directory tree under /target, and you would not see the other files on the system. In other words, by issuing this command:

 # chroot /target

your directory tree starting with root would look like this:

 /
 /bin
 /usr
 /home

and you would be inside /target, without the option to leave /target.

Why is something like this useful? There are actually many reasons, but a few worth mentioning are:

  • Application install or setup from a rescue CD (this is what we will be doing next)
  • Limiting users or specific applications with respect to what they can do on a system (this will be covered in UNIX03, but by way of a preview, imagine limiting an FTP daemon such that no one who compromises that daemon can harm anything on your system).
  • Operating system install (this is employed in the standard Gentoo Linux installation).
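
The daemon-confinement use in the list above, shown as an added example that is not part of the original notes: the chroot command is a wrapper around the chroot(2) system call, and a service that jails itself must also give up root, because a process that stays root can leave a chroot. The helper name enter_jail and the uid/gid 65534 are assumptions made for illustration.

```c
/* Added example: confine a daemon with chroot(2), then drop root. */
#define _DEFAULT_SOURCE          /* exposes chroot() and setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

enum jail_err { JAIL_OK = 0, JAIL_EARG = -1, JAIL_ECHDIR = -2,
                JAIL_ECHROOT = -3, JAIL_EDROP = -4 };

/* enter_jail() is a hypothetical helper name, not a library call.
 * The caller must start as root, because chroot(2) requires it. */
int enter_jail(const char *dir, uid_t uid, gid_t gid)
{
    /* Staying root inside the jail defeats the purpose: refuse uid/gid 0. */
    if (dir == NULL || uid == 0 || gid == 0)
        return JAIL_EARG;

    /* Move into the new root first so the working directory cannot be
     * left pointing outside the tree after chroot(). */
    if (chdir(dir) != 0)
        return JAIL_ECHDIR;
    if (chroot(".") != 0 || chdir("/") != 0)
        return JAIL_ECHROOT;

    /* Drop supplementary groups, then gid, then uid. Order matters:
     * after setuid() the process may no longer change its groups. */
    if (setgroups(1, &gid) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return JAIL_EDROP;

    /* Verify the drop is permanent: regaining root must fail. */
    if (setuid(0) == 0 || getuid() != uid || geteuid() != uid)
        return JAIL_EDROP;
    return JAIL_OK;
}

int main(int argc, char **argv)
{
    /* /target is the directory from the notes; 65534 is a constructed
     * sample id (commonly "nobody"), adjust for the real service account. */
    const char *dir = argc > 1 ? argv[1] : "/target";
    int rc = enter_jail(dir, 65534, 65534);
    if (rc != JAIL_OK) {
        fprintf(stderr, "enter_jail(%s) failed: %d\n", dir, rc);
        return 1;
    }
    /* From here on "/" is the jail and the process is unprivileged. */
    printf("confined to %s as uid %d\n", dir, (int)getuid());
    return 0;
}
```

Files the service needs (binaries, libraries, configuration) must already exist under the new root, and any file descriptors opened before the call remain usable inside it.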


Last edited May 17, 2003 3:24 am
(C) Copyright 2003 Samuel Hart
This work is licensed under a Creative Commons License.