Date:      Wed, 23 Jan 2002 20:13:30 +0200
From:      Ruslan Ermilov <ru@freebsd.org>
To:        Gerald Pfeifer <pfeifer@dbai.tuwien.ac.at>
Cc:        freebsd-bugs@freebsd.org
Subject:   Re: bin/34159: chroot man page-implementation mismatch
Message-ID:  <20020123201330.A25404@sunbay.com>
In-Reply-To: <Pine.BSF.4.44.0201231827250.32692-100000@naos.dbai.tuwien.ac.at>
References:  <20020123192515.D9922@sunbay.com> <Pine.BSF.4.44.0201231827250.32692-100000@naos.dbai.tuwien.ac.at>

On Wed, Jan 23, 2002 at 06:44:11PM +0100, Gerald Pfeifer wrote:
> Thanks for the quick response!
> 
> On Wed, 23 Jan 2002, Ruslan Ermilov wrote:
> >>     "This command can be run only by the super-user."
> > Why?  I can run it under a normal user account.  It is the chroot(2)
> > syscall that doesn't allow it to execute, not chroot(8), and
> > chroot(2) is properly documented.
> 
> Are you sure? As a regular user, I always get
> 
>   chroot: $DIRNAME: Operation not permitted
>   chroot: /: Operation not permitted
>   :
> 
> regardless of the directory (/tmp/, local disk, NFS mount, even /) I
> specify, whereas exactly the same command executed as root works just
> fine.
> 
The point here is that chroot(8) doesn't have code that prevents it
from working under non-root, but chroot(2) does.  chroot(8) can be
EXECUTED by a regular user too, but the result will be different.
Also, chroot(8) behaves differently under jails.

> Would you mind providing an example how this works for a regular user so
> that I can test it?
> 
jail(8) then chroot(8).  :-)

> >>   o "exec's command" should most probably read "exec's command relative
> >>     to newroot".
> > IMO, the preceding "changes its root directory to the supplied directory
> > newroot" makes things clear without this.  Commands are not executed
> > "relative to some directory".
> 
> My suggestion was based on what Sun's technical writers used for Solaris 8,
> who are native speakers (unlike you or me).
> 
I don't buy these, sorry.  :-)

> In any case, the current documentation in FreeBSD does not make it clear
> enough that command (if specified) and especially the "interactive copy
> of your shell" already are with respect to the newly set root.
> 
I disagree.  It's clear that "chroot(8) changes its root directory to
that specified, and then executes the command or a shell".  Please note
that the current directory is not affected by the chroot(2) syscall; see
the manpage for details.

> Also, the documentation does not make it clear that "your shell"
> apparently refers to the shell in /etc/passwd, not the shell you're
> currently running.
> 
How could it be unclear from reading the ENVIRONMENT section that
chroot(8) runs ${SHELL} or /bin/sh if SHELL is unset?


Cheers,
-- 
Ruslan Ermilov		Oracle Developer/DBA,
ru@sunbay.com		Sunbay Software AG,
ru@FreeBSD.org		FreeBSD committer,
+380.652.512.251	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age
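
The behaviour discussed in this message, as an added example that is not part of the original e-mail and is not FreeBSD's chroot(8) source: a wrapper with no privilege check of its own, which reports whatever errno chroot(2) returns, changes directory itself because chroot(2) leaves the current directory alone, and then runs the command or ${SHELL} (falling back to /bin/sh). The function names `try_chroot`, `enter_root` and `pick_shell` are hypothetical.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* expose chroot(2) in glibc headers */
#endif
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Added sketch, not FreeBSD's chroot.c. The wrapper has no uid check:
 * it just asks, and chroot(2) decides. Returns 0 or the syscall's errno. */
int try_chroot(const char *newroot)
{
    return chroot(newroot) == -1 ? errno : 0;
}

/* chroot(2) does not touch the current directory, so step into the
 * new root explicitly before running anything. */
int enter_root(const char *newroot)
{
    int e = try_chroot(newroot);
    if (e != 0)
        return e;
    return chdir("/") == -1 ? errno : 0;
}

/* ${SHELL} from the environment, or /bin/sh when SHELL is unset. */
const char *pick_shell(void)
{
    const char *sh = getenv("SHELL");
    return sh != NULL ? sh : "/bin/sh";
}

int main(int argc, char **argv)
{
    if (argc < 2) {
        fprintf(stderr, "usage: %s newroot [command ...]\n", argv[0]);
        return 2;
    }
    int e = enter_root(argv[1]);
    if (e != 0) {   /* e.g. EPERM when the caller lacks privilege */
        fprintf(stderr, "chroot: %s: %s\n", argv[1], strerror(e));
        return 1;
    }
    if (argc > 2)
        execvp(argv[2], &argv[2]);
    else            /* -i: interactive shell, resolved inside the new root */
        execlp(pick_shell(), pick_shell(), "-i", (char *)NULL);
    perror("exec");
    return 1;
}
```

Run as a regular user, this prints the same "Operation not permitted" line quoted above; the refusal comes from the syscall, not from the wrapper.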
