Explain: What is CHROOT?

January 7, 2006 by Jon  
Filed under Explanation

One of the mount points in a GNU/Linux system is the root mountpoint (usually referred to as ‘/’). This is the root of the entire file system and any file or directory on the machine can be referenced from this point.

The chroot command ‘changes the root’ to another location. Why would you want to do that? One of the more popular reasons is to create a sandbox for either an application or a user. Once a new root is declared via chroot, any references that a user or application makes to ‘/’ will resolve to the new directory. This is a pretty effective way to restrict access to the real root and therefore the real file system. In fact, sometimes that act of chrooting is referred to a jailing or a chrooted shell is referred to as a jail shell.

Note: My Kubuntu box is down right now and chroot doesn’t work properly on my Linspire box. Therefore, I have not tested these commands. If you spot any errors, please leave a comment for me.

Example:

chroot /home/jon

This changes the root of my file system to /home/jon. From now on, references like:

nano /textfile

Will cause nano (a text editor) to open up the textfile file in the /home/jon directoy.

Arguably, the chroot command is much more useful on a server to contain bad programs or users, but home users should be aware of chroot’s function.

Share and Enjoy:
  • StumbleUpon
  • Digg
  • Facebook
  • Mixx
  • Google
  • TwitThis
  • Reddit
  • Yahoo! Buzz
  • Tipd

Comments

6 Responses to “Explain: What is CHROOT?”
  1. jmcdonald says:

    Hi, this explanation of chroot is quite useful, but, what if I issued the chroot command and now I want to change my / to the original place (referencing the / filesystem and anything above it at its original place), how can I perform this?

    Thanks,
    Jorge

  2. Kane says:

    Jorge: just use the command “exit” to leave the chrooted shell.

  3. Mike Durham says:

    If the root is now “/home/jon” how can you run “nano” which presumably would be in RealRoot/bin?

  4. Greg says:

    The executables you want to use must be in the chroot directory. Example: chroot /home/jon will try to execute $SHELL, like /bin/bash, if no other options are given. This means /home/jon/bin/bash and it support files must exist. Run ldd /bin/bash to find out what shared libraries must exist. Also run info chroot on any linux system for a good example.

  5. Tak says:

    Good and clear explanation.

Trackbacks

Check out what others are saying about this post...
  1. Creating a Linux Terminal Media Server for Your Home PC's | Ubuntu Linux Help says:

    [...] “The chroot command ‘changes the root’ to another location. Why would you want to do that? One of the more popular reasons is to create a sandbox for either an application or a user. Once a new root is declared via chroot, any references that a user or application makes to ‘/’ will resolve to the new directory. This is a pretty effective way to restrict access to the real root and therefore the real file system. In fact, sometimes that act of chrooting is referred to a jailing or a chrooted shell is referred to as a jail shell.” Read more here: https://www.newlinuxuser.com/explain-what-is-chroot/ [...]



Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!



About Us | Advertise with us | Blog for EveryJoe | Privacy Policy | Terms of Use
Get This Theme


All content is Copyright © 2005-2009 b5media. All rights reserved.