Re: Reg: Difference between chroot & pivot_root

Thanks a lot.
This painted a good picture regarding the caveats involved.

-Alphonse

On Mon, Sep 12, 2011 at 7:14 AM, Daniel P. Berrange <berrange@xxxxxxxxxx> wrote:
On Tue, Sep 06, 2011 at 01:02:14PM -0400, Alphonse Hansel Anthony wrote:
> Hi,
>    What is the difference between chroot & pivot_root?
>    They don't seem obvious based on the man pages apart from the below
>    mentioned caveats.
>
>    1) Inherited Open file descriptors, have to be explicitly closed.
>    2) Does not change CWD of the process, which can be overcome by doing a
>       chdir before & after chroot call.
>
>    Any information on this would be useful.

I assume you are asking wrt the libvirt LXC driver, which uses pivot_root
instead of chroot() when setting up the guest. The primary reason for this
is that chroot() is escapable, whereas pivot_root() is not.

 https://s3hh.wordpress.com/2011/05/31/escaping-chroots/

Regards,
Daniel
--
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|
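
A defensive check that follows from the distinction discussed in this thread (an added example, not part of the original messages and not libvirt code): pivot_root() requires the new root to be a mount point, while chroot() accepts any directory, so a process whose `/proc/self/mountinfo` lists no mount at `/` most likely had its root set with chroot(). The function name and the sample mountinfo lines are constructed for illustration, and a chroot() into a directory that is itself a mount point is not flagged by this heuristic.

```c
/* Added example: does this process's root directory sit on a mount point?
 * Field 5 of each /proc/<pid>/mountinfo line is the mount point relative to
 * the reader's root; mounts not reachable below that root are omitted. */
#include <stdio.h>
#include <string.h>

/* Constructed sample: process whose root was switched with pivot_root(). */
static const char SAMPLE_PIVOTED[] =
    "120 95 253:2 / / rw,relatime - ext4 /dev/mapper/guest rw\n"
    "121 120 0:45 / /proc rw,nosuid - proc proc rw\n";

/* Constructed sample: chroot() into a plain directory; only mounts below
 * the new root are listed, so nothing is mounted at "/". */
static const char SAMPLE_CHROOTED[] =
    "88 25 0:45 / /proc rw,nosuid - proc proc rw\n"
    "89 25 0:21 / /dev rw,nosuid - devtmpfs devtmpfs rw\n";

/* Hypothetical helper: returns 1 if some mount has mount point "/", else 0. */
int root_is_mount_point(const char *mountinfo)
{
    const char *line = mountinfo;
    while (line && *line) {
        char mnt_root[4096], mnt_point[4096];
        /* Skip ID, parent ID, major:minor; read root and mount point. */
        if (sscanf(line, "%*d %*d %*s %4095s %4095s", mnt_root, mnt_point) == 2
            && strcmp(mnt_point, "/") == 0)
            return 1;
        line = strchr(line, '\n');
        if (line)
            line++;
    }
    return 0;
}

int main(void)
{
    static char buf[1 << 16];
    FILE *f = fopen("/proc/self/mountinfo", "r");
    if (!f) { perror("/proc/self/mountinfo"); return 2; }
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    buf[n] = '\0';
    fclose(f);
    puts(root_is_mount_point(buf)
         ? "root is a mount point (consistent with pivot_root)"
         : "no mount at /: root was likely set with chroot()");
    return 0;
}
```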
