
Thanks a lot. This painted a good picture regarding the caveats involved.

-Alphonse

On Mon, Sep 12, 2011 at 7:14 AM, Daniel P. Berrange <berrange@redhat.com> wrote:
> On Tue, Sep 06, 2011 at 01:02:14PM -0400, Alphonse Hansel Anthony wrote:
> > Hi,
> > What is the difference between chroot & pivot_root? They don't seem obvious based on the man pages apart from the below mentioned caveats.
> >
> > 1) Inherited open file descriptors have to be explicitly closed.
> > 2) Does not change CWD of the process, which can be overcome by doing a chdir before & after chroot call.
> >
> > Any information on this would be useful.
>
> I assume you are asking wrt the libvirt LXC driver, which uses pivot_root instead of chroot() when setting up the guest. The primary reason for this is that chroot() is escapable, whereas pivot_root() is not.
>
> https://s3hh.wordpress.com/2011/05/31/escaping-chroots/
>
> Regards,
> Daniel
> --
> |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/:|
> |: http://libvirt.org -o- http://virt-manager.org:|
> |: http://autobuild.org -o- http://search.cpan.org/~danberr/:|
> |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc:|
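
The pivot_root-based root switch discussed in this thread, as an added example (not libvirt's code and not written by either poster). `enter_new_root` is a hypothetical name; the code assumes Linux and CAP_SYS_ADMIN, follows the `pivot_root(".", ".")` sequence documented in pivot_root(2), and handles the two caveats from the question (CWD and inherited file descriptors).

```c
#include <errno.h>
#include <stdio.h>
#include <linux/sched.h>   /* CLONE_NEWNS */
#include <sys/mount.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Hypothetical helper (not libvirt's): make new_root the root mount of the
 * calling process. Returns 0 on success, -errno on failure.
 * Requires CAP_SYS_ADMIN. Raw syscalls are used because glibc has no
 * pivot_root() wrapper. */
int enter_new_root(const char *new_root)
{
    /* Private mount namespace, so the host's mount table is untouched. */
    if (syscall(SYS_unshare, CLONE_NEWNS) < 0) return -errno;
    if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL) < 0) return -errno;

    /* pivot_root() needs new_root to be a mount point: bind it onto itself. */
    if (mount(new_root, new_root, NULL, MS_BIND | MS_REC, NULL) < 0) return -errno;

    /* Swap the root mount; "." as put_old stacks the old root over the new. */
    if (chdir(new_root) < 0) return -errno;
    if (syscall(SYS_pivot_root, ".", ".") < 0) return -errno;

    /* Detach the old root so no path in this namespace leads back to it. */
    if (umount2(".", MNT_DETACH) < 0) return -errno;

    /* Caveat 2 from the question: set the CWD explicitly inside the new root. */
    if (chdir("/") < 0) return -errno;

    /* Caveat 1: an inherited directory fd would still reference the old tree,
     * so close everything above stderr. */
    long max_fd = sysconf(_SC_OPEN_MAX);
    for (long fd = 3; fd < max_fd; fd++) close((int)fd);
    return 0;
}

int main(int argc, char **argv)
{
    if (argc != 2) { fprintf(stderr, "usage: %s NEW_ROOT\n", argv[0]); return 2; }
    int rc = enter_new_root(argv[1]);
    if (rc < 0) { fprintf(stderr, "enter_new_root: errno %d\n", -rc); return 1; }
    execl("/bin/sh", "sh", (char *)NULL);   /* assumes NEW_ROOT contains /bin/sh */
    return 1;
}
```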