CHROOT(8) - System Manager's Manual

CHROOT(8) - System Manager’s Manual #

CHROOT(8) - System Manager’s Manual

NAME #

chroot - change root directory

SYNOPSIS #

chroot [-g group[,group[,]]] [-u user] newroot [command]

DESCRIPTION #

The chroot command changes its root directory to the supplied directory newroot and executes command, if supplied, or an interactive copy of the user’s shell.

The chroot command is restricted to the superuser.

The options are as follows:

-g group[,group[,]]

Override the primary and supplemental group IDs. The primary group ID is set to the first group in the list. Any remaining groups are placed in the supplemental group ID vector. Each group listed must exist in the group(5) databases.

-u user

Set user ID to user (which must exist in the passwd(5) database). The primary and supplemental group IDs will be set based on the user’s entries in the passwd(5) and group(5) databases unless overridden by the -g option. Additional settings may be applied as specified in login.conf(5) depending on user’s login class.

ENVIRONMENT #

SHELL

If set, the string specified by SHELL is interpreted as the name of the shell to execute. If the variable SHELL is not set, /bin/sh is used.

SEE ALSO #

ldd(1), group(5), login.conf(5), passwd(5), environ(7)

HISTORY #

The chroot utility first appeared in 4.3BSD-Reno.

CAVEATS #

chroot should never be installed setuid root, as it would then be possible to exploit the program to gain root privileges.

OpenBSD 7.5 - September 12, 2015