does chroot() require root privileges?

Question

When I try to use chroot with "." or the complete pathname as argument, perror tells me "Operation not permitted".

If the answer to my question is yes, is there another way to change root directory ? (Without barbarian methods using strcmp() / strncmp())

Take a look: http://stackoverflow.com/questions/3737008/how-to-run-a-command-in-a-chroot-jail-not-as-root-and-without-sudo — Leo Chapiro, Apr 13 '13 at 07:17

score 10 · Answer 1 · edited Apr 08 '22 at 13:33

chroot can only be used by root him/her/itself. And no, there won't be any other way without compromising security.

From Wikipedia

Only the root user can perform a chroot. This is intended to prevent users from putting a setuid program inside a specially crafted chroot jail (for example, with a fake /etc/passwd and /etc/shadow file) that would fool it into a privilege escalation.

See here for the article.

score 5 · Answer 2 · answered Aug 11 '16 at 11:54

5

You could try fakechroot chroot

answered Aug 11 '16 at 11:54

kvz

5,517
1
42
33

score 4 · Answer 3 · edited Sep 01 '19 at 21:46

4

Try a tool called PRoot It's based on ptrace and syscall instrumentation and one of possible usecases is to achieve something like chroot.

edited Sep 01 '19 at 21:46

Community

1
1

answered Feb 18 '14 at 16:29

Rafael van Horn

591
4
3

score 0 · Answer 4 · answered Oct 01 '18 at 19:56

From user space, you can use the schroot command. Add a few lines to /etc/schroot/schroot.conf

[xenial]
description=Ubuntu 16.04 (xenial)
type=directory
directory=/srv/chroots/xenial
aliases=xenial-lts
profile=minimal
users=bob
personality=linux64

Then from your user account:

schroot -c xenial

does chroot() require root privileges?

4 Answers4