Date: Sun, 27 Sep 2020 13:06:15 -0600 From: Warner Losh <imp@bsdimp.com> To: Yuri <yuri@rawbw.com> Cc: Freebsd hackers list <freebsd-hackers@freebsd.org> Subject: Re: Is it possible to exit the chroot(2) environment? Message-ID: <CANCZdfq4Lb-cHAkcNz3c4NRwi7ejB3XdTv3ZP96kDKZVSccQMg@mail.gmail.com> In-Reply-To: <CANCZdfqJ14-Cpvi9%2Bd%2BHRgWbHk7vDUNNOKLUVOC9iBUqZKX=Pw@mail.gmail.com> References: <b6412618-02ec-1dbd-f474-b4412d7b774b@rawbw.com> <CANCZdfqJ14-Cpvi9%2Bd%2BHRgWbHk7vDUNNOKLUVOC9iBUqZKX=Pw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Sep 27, 2020 at 1:02 PM Warner Losh <imp@bsdimp.com> wrote: > > > On Sun, Sep 27, 2020 at 12:30 PM Yuri <yuri@rawbw.com> wrote: > >> This line >> >> https://github.com/rpm-software-management/rpm/blob/master/lib/rpmchroot.c#L155 >> calls chroot(".") in order to exit from the chroot environment. >> > > Interesting. FreeBSD doesn't allow that. > > >> It apparently succeeds on Linux (this is rpm), but it fails on FreeBSD >> with "Operation not permitted", while executed under sudo. >> >> The chroot(2) man page doesn't mention anything about exiting the chroot >> environment. >> > > True. Such behavior is undefined. There's no defined notion of exiting a > chroot. It doesn't seem to be documented in the few examples of the > chroot(2) call linux man pages I've found. Do you have documentation on > what, exactly, it's supposed to do? > > Does chroot(2) behave differently on Linux and FreeBSD, and chroot(".") >> is a valid way to exit on Linux and not on FreeBSD? Or what is going on >> here? >> > > Generally, one is not supposed to exit a chroot. :) Though jail(2) exists > because it's trivially possible in most cases. > > I wish somebody familiar with chroot add this information into the >> chroot(2) man page. >> > > POSIX never defined the behavior (and it's been removed in newer versions > of POSIX). > Also, what happens when you set kern.chroot_allow_open_directories=2 ? Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CANCZdfq4Lb-cHAkcNz3c4NRwi7ejB3XdTv3ZP96kDKZVSccQMg>