Explain: What is CHROOT?

Posted in Technology
Sat, Jan 7 - 10:44 am EDT | 9 years ago by
Comments: 9
Share This Post:
  • Facebook
  • StumbleUpon
  • Tumblr
  • Reddit
  • Twitter

One of the mount points in a GNU/Linux system is the root mountpoint (usually referred to as ‘/’). This is the root of the entire file system and any file or directory on the machine can be referenced from this point.

The chroot command ‘changes the root’ to another location. Why would you want to do that? One of the more popular reasons is to create a sandbox for either an application or a user. Once a new root is declared via chroot, any references that a user or application makes to ‘/’ will resolve to the new directory. This is a pretty effective way to restrict access to the real root and therefore the real file system. In fact, sometimes that act of chrooting is referred to a jailing or a chrooted shell is referred to as a jail shell.

Note: My Kubuntu box is down right now and chroot doesn’t work properly on my Linspire box. Therefore, I have not tested these commands. If you spot any errors, please leave a comment for me.

Example:

chroot /home/jon

This changes the root of my file system to /home/jon. From now on, references like:

nano /textfile

Will cause nano (a text editor) to open up the textfile file in the /home/jon directoy.

Arguably, the chroot command is much more useful on a server to contain bad programs or users, but home users should be aware of chroot’s function.

Latest Posts

Share This Post:
  • Facebook
  • StumbleUpon
  • Tumblr
  • Reddit
  • Twitter
  • jmcdonald

    Hi, this explanation of chroot is quite useful, but, what if I issued the chroot command and now I want to change my / to the original place (referencing the / filesystem and anything above it at its original place), how can I perform this?

    Thanks,
    Jorge

  • Kane

    Jorge: just use the command “exit” to leave the chrooted shell.

  • Mike Durham

    If the root is now “/home/jon” how can you run “nano” which presumably would be in RealRoot/bin?

  • Greg

    The executables you want to use must be in the chroot directory. Example: chroot /home/jon will try to execute $SHELL, like /bin/bash, if no other options are given. This means /home/jon/bin/bash and it support files must exist. Run ldd /bin/bash to find out what shared libraries must exist. Also run info chroot on any linux system for a good example.

  • Pingback: Creating a Linux Terminal Media Server for Your Home PC's | Ubuntu Linux Help

  • Tak

    Good and clear explanation.

  • blaz

    good explanation. what if i chroot to /home/user/test, then create a directory in it, mount my original root file system (for example /dev/hda1) and chroot to it? Is there everything like it was or do i have two chrooted shell instances running?

  • g

    really useful… now i know about my proftpd (ftp server) works with this in debian (linux) family! great thanks!

  • Nelli

    very cool … thanks! :)