This painted a good picture regarding the caveats involved.
-Alphonse
On Mon, Sep 12, 2011 at 7:14 AM, Daniel P. Berrange <berrange@xxxxxxxxxx> wrote:
On Tue, Sep 06, 2011 at 01:02:14PM -0400, Alphonse Hansel Anthony wrote:
> Hi,
> What is the difference between chroot & pivot_root.
> They don't seem obvious based on the man pages apart from the below
> mentioned caveats.
>
> 1) Inherited Open file descriptors, have to be explicitly closed.
> 2) Does not change CWD of the process, which can be overcome by doing a
> chdir before & after chroot call.
>
> Any information on this would be useful.
I assume you are asking wrt the libvirt LXC driver, which uses pivot_root
instead of chroot() when setting up the guest. The primary reason for this
is that chroot() is escapable, whereas pivot_root() is not.
https://s3hh.wordpress.com/2011/05/31/escaping-chroots/
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
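Added example (not part of the thread and not libvirt's code): a minimal C sketch of the root switch a container setup typically performs with pivot_root, in a private mount namespace with the old root detached afterwards. The function name enter_new_root is hypothetical; the sequence needs CAP_SYS_ADMIN and a Linux kernel.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Hypothetical helper, added for illustration.
 * Makes new_root the root mount of the calling process and removes the
 * old root from its mount namespace. Inherited descriptors that refer to
 * the old root must be closed by the caller first: a lazy unmount keeps
 * the old filesystem alive while such descriptors remain open.
 * Returns 0 on success, -errno of the failing step otherwise. */
int enter_new_root(const char *new_root)
{
    struct stat st;

    /* Validate the target before touching any namespace state. */
    if (stat(new_root, &st) < 0)
        return -errno;
    if (!S_ISDIR(st.st_mode))
        return -ENOTDIR;

    /* 1. Private mount namespace: the changes below do not affect the host. */
    if (unshare(CLONE_NEWNS) < 0)
        return -errno;
    /* 2. Stop mount events propagating back to the parent namespace. */
    if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL) < 0)
        return -errno;
    /* 3. pivot_root() requires new_root to be a mount point: bind it onto itself. */
    if (mount(new_root, new_root, NULL, MS_BIND | MS_REC, NULL) < 0)
        return -errno;
    if (chdir(new_root) < 0)
        return -errno;
    /* 4. Swap roots. With ".", "." the old root ends up stacked on the new "/"
     *    (see pivot_root(2)); glibc provides no wrapper, hence syscall(). */
    if (syscall(SYS_pivot_root, ".", ".") < 0)
        return -errno;
    /* 5. Detach the old root so no path in this namespace leads back to it. */
    if (umount2(".", MNT_DETACH) < 0)
        return -errno;
    /* 6. Reset the working directory to the new root. */
    if (chdir("/") < 0)
        return -errno;
    return 0;
}
```

Steps 5 and 6 correspond to the two caveats raised in the original question: the old root is unmounted rather than merely hidden, and the working directory is reset inside the new root.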