From owner-freebsd-hackers@freebsd.org Sun Sep 27 19:03:08 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3CD89424A85 for ; Sun, 27 Sep 2020 19:03:08 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: from mail-qv1-xf2c.google.com (mail-qv1-xf2c.google.com [IPv6:2607:f8b0:4864:20::f2c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Bzw5k2LFyz46mh for ; Sun, 27 Sep 2020 19:03:06 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: by mail-qv1-xf2c.google.com with SMTP id f11so4329286qvw.3 for ; Sun, 27 Sep 2020 12:03:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bsdimp-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=u06zlxQeZdodnk2k8p4pcjm3iBdYRqUpSXbfa0NnLeg=; b=12x2qkRTa7d9zzojunTMOwkoPTtPjCapTuLonJ6YEVNEYcP3p7ZAsWv3tQbIBNtNfK PmOPiww0VU35R1A9/OunpBJdW8G8SXeT7f/Z1woLcSn7F37jSQiOFDTOEMi2Zl5816xX lf8cK0ZWRPIA4PyvPQMkwDQhXCrwpUGvj8OGezNJy4c2c4KTjMbeQpiMmw+eBePG2Yfy z2HlvuheQgr1fIx1Mqr/dS2npXTJC/ZlIHhdM5b3NJAE9yLXgTUdWJMEXa8WPGLyQ00S vR0D2J5B9IemCGbEsuq/WTk6xJnTUmsfVFGdO3/HeKmWfNRb0cgulrhPtLckACs7SYpr Nnbg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=u06zlxQeZdodnk2k8p4pcjm3iBdYRqUpSXbfa0NnLeg=; b=MszYr5w5bphmH+2VCiCO93viCXZc+jj1nuT+yn1UIGbwYptBhhWzkCnD5y7MlY9diD t2+AuxGFfAU80MvDG2J25VEmYsTA0VLl90jNcrYpIQt0zCVn/I9/ulwMtjWxGX5BlXLk w8L65xgPk/9e2fU7+Na0jAITNyutRhmx40C6HNPNXLCD+v+57lxC8UZpwblk+zBykB8C PPBu2NbEoxiVfXbYE1Ad8Y06qdas56q2n4wwp6CfYA7A+GRJP3ceY372CUrZ167HdcXg rFzpfDBOIAC6yEbr5IdgLs+Qk+TzguXGdh8kBQ/KPNSvDKpCzlaZIje1jlfY8nSVljM5 1RVw== X-Gm-Message-State: AOAM532RPufn6UFQYFRyOMGZgZgF8y59vPkzUMVuFDCmxNCtkologKfX ALrTWKQKJjmtQ2kZbUkzYaYpnqPHnjavKMzpEdjKexzZWAnQpg== X-Google-Smtp-Source: ABdhPJwEYBrJ/BMuPGBXjpXh/IOYFbOuWNuc6CRbP3HgmMMQvbzhz9Y31dPU5W4ZcgAGs4xQjilsGC7KhOok1cC0ufw= X-Received: by 2002:ad4:47cc:: with SMTP id p12mr8564423qvw.26.1601233385246; Sun, 27 Sep 2020 12:03:05 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Warner Losh Date: Sun, 27 Sep 2020 13:02:54 -0600 Message-ID: Subject: Re: Is it possible to exit the chroot(2) environment? To: Yuri Cc: Freebsd hackers list X-Rspamd-Queue-Id: 4Bzw5k2LFyz46mh X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=pass header.d=bsdimp-com.20150623.gappssmtp.com header.s=20150623 header.b=12x2qkRT; dmarc=none; spf=none (mx1.freebsd.org: domain of wlosh@bsdimp.com has no SPF policy when checking 2607:f8b0:4864:20::f2c) smtp.mailfrom=wlosh@bsdimp.com X-Spamd-Result: default: False [-0.70 / 15.00]; RCVD_TLS_ALL(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[bsdimp-com.20150623.gappssmtp.com:s=20150623]; NEURAL_HAM_MEDIUM(-0.99)[-0.991]; FROM_HAS_DN(0.00)[]; NEURAL_SPAM_SHORT(0.27)[0.270]; NEURAL_HAM_LONG(-0.98)[-0.980]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DMARC_NA(0.00)[bsdimp.com]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[bsdimp-com.20150623.gappssmtp.com:+]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::f2c:from]; R_SPF_NA(0.00)[no SPF record]; FORGED_SENDER(0.30)[imp@bsdimp.com,wlosh@bsdimp.com]; MIME_TRACE(0.00)[0:+,1:+,2:~]; SUBJECT_ENDS_QUESTION(1.00)[]; RCVD_COUNT_TWO(0.00)[2]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; FROM_NEQ_ENVFROM(0.00)[imp@bsdimp.com,wlosh@bsdimp.com]; MAILMAN_DEST(0.00)[freebsd-hackers] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Sep 2020 19:03:08 -0000 On Sun, Sep 27, 2020 at 12:30 PM Yuri wrote: > This line > > https://github.com/rpm-software-management/rpm/blob/master/lib/rpmchroot.c#L155 > calls chroot(".") in order to exit from the chroot environment. > Interesting. FreeBSD doesn't allow that. > It apparently succeeds on Linux (this is rpm), but it fails on FreeBSD > with "Operation not permitted", while executed under sudo. > > The chroot(2) man page doesn't mention anything about exiting the chroot > environment. > True. Such behavior is undefined. There's no defined notion of exiting a chroot. It doesn't seem to be documented in the few examples of the chroot(2) call linux man pages I've found. Do you have documentation on what, exactly, it's supposed to do? Does chroot(2) behave differently on Linux and FreeBSD, and chroot(".") > is a valid way to exit on Linux and not on FreeBSD? Or what is going on > here? > Generally, one is not supposed to exit a chroot. :) Though jail(2) exists because it's trivially possible in most cases. I wish somebody familiar with chroot add this information into the > chroot(2) man page. > POSIX never defined the behavior (and it's been removed in newer versions of POSIX). Warner