From owner-freebsd-bugs  Wed Jan 23  9:44:33 2002
Delivered-To: freebsd-bugs@freebsd.org
Received: from vexpert.dbai.tuwien.ac.at (vexpert.dbai.tuwien.ac.at [128.130.111.12])
	by hub.freebsd.org (Postfix) with ESMTP
	id 819BE37B417; Wed, 23 Jan 2002 09:44:15 -0800 (PST)
Received: from naos (naos [128.130.111.28])
	by vexpert.dbai.tuwien.ac.at (8.11.6/8.11.6) with ESMTP id g0NHiDB10822;
	Wed, 23 Jan 2002 18:44:13 +0100 (MET)
Date: Wed, 23 Jan 2002 18:44:11 +0100 (CET)
From: Gerald Pfeifer <pfeifer@dbai.tuwien.ac.at>
To: Ruslan Ermilov <ru@freebsd.org>
Cc: freebsd-bugs@freebsd.org
Subject: Re: bin/34159: chroot man page-implementation mismatch
In-Reply-To: <20020123192515.D9922@sunbay.com>
Message-ID: <Pine.BSF.4.44.0201231827250.32692-100000@naos.dbai.tuwien.ac.at>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org

Thanks for the quick response!

On Wed, 23 Jan 2002, Ruslan Ermilov wrote:
>>     "This command can be run only by the super-user."
> Why?  I can run it under a normal user account.  This is chroot(2)
> syscall that doesn't allow it to execute, not chroot(8), and
> chroot(2) is properly documented.

Are you sure? As a regular user, I always get

  chroot: $DIRNAME: Operation not permitted
  chroot: /: Operation not permitted
  :

regardless of the directory (/tmp/, lokal disk, NFS mount, even /), I
specify, whereas exactly the same command executed as root works just
fine.

Would you mind providing an example how this works for a regular user so
that I can test it?

>>   o "exec's command" should most probably read "exec's command relative
>>     to newroot".
> IMO, the preceding "changes its root directory to the supplied directory
> newroot" makes things clear without this.  Commands are not executed
> "relative to some directory".

My suggestion was based on what Sun's technical writers used for Solaris 8,
which are native speakers (unlike you or me).

In any case, the current documentation in FreeBSD does not make it clear
enough that command (if specified) and especially the "interactive copy
of your shell" already are with respect to the newly set root.

Also, the documentation does not make it clear that "your shell"
apparently refers to the shell in /etc/passwd, not the shell you're
currently running.

Gerald
-- 
Gerald "Jerry" pfeifer@dbai.tuwien.ac.at http://www.dbai.tuwien.ac.at/~pfeifer/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message