1.\" $NetBSD: chroot.8,v 1.14 2011/08/15 14:43:17 wiz Exp $ 2.\" 3.\" Copyright (c) 1988, 1991, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. Neither the name of the University nor the names of its contributors 15.\" may be used to endorse or promote products derived from this software 16.\" without specific prior written permission. 17.\" 18.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 19.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 22.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28.\" SUCH DAMAGE. 29.\" 30.\" from: @(#)chroot.8 8.1 (Berkeley) 6/9/93 31.\" 32.Dd August 13, 2011 33.Dt CHROOT 8 34.Os 35.Sh NAME 36.Nm chroot 37.Nd change root directory 38.Sh SYNOPSIS 39.Nm 40.Op Fl G Ar group,group,... 41.Op Fl g Ar group 42.Op Fl u Ar user 43.Ar newroot 44.Op Ar command 45.Sh DESCRIPTION 46The 47.Nm 48command changes its root directory to the supplied directory 49.Ar newroot 50and exec's 51.Ar command , 52or, if not supplied, an interactive copy of your shell. 53.Pp 54If the 55.Fl u , 56.Fl g , 57or 58.Fl G 59options are given, the user, group, and group list of the process are 60set to these values after the chroot has taken place; see 61.Xr setgid 2 , 62.Xr setgroups 2 , 63.Xr setuid 2 , 64.Xr getgrnam 3 , 65and 66.Xr getpwnam 3 . 67.Pp 68Note: 69.Ar command 70or the shell are run as your real-user-id. 71.Sh ENVIRONMENT 72The following environment variable is referenced by 73.Nm : 74.Bl -tag -width SHELL 75.It Ev SHELL 76If set, 77the string specified by 78.Ev SHELL 79is interpreted as the name of 80the shell to exec. 81If the variable 82.Ev SHELL 83is not set, 84.Pa /bin/sh 85is used. 86.El 87.Sh SEE ALSO 88.Xr ldd 1 , 89.Xr chdir 2 , 90.Xr chroot 2 , 91.Xr environ 7 92.Sh HISTORY 93The 94.Nm 95utility first appeared in 96.Bx 4.4 . 97.Sh SECURITY CONSIDERATIONS 98.Nm 99should never be installed setuid root, as it would then be possible 100to exploit the program to gain root privileges. 101