Thanks a lot.
This painted a good picture regarding the caveats involved.
-Alphonse
On Mon, Sep 12, 2011 at 7:14 AM, Daniel P. Berrange <berrange(a)redhat.com> wrote:
On Tue, Sep 06, 2011 at 01:02:14PM -0400, Alphonse Hansel Anthony wrote:
> Hi,
> What is the difference between chroot & pivot_root.
> They don't seem obvious based on the man pages apart from the below mentioned
> caveats.
>
> 1) Inherited Open file descriptors, have to be explicitly closed.
> 2) Does not change CWD of the process, which can be overcome by doing a
> chdir before & after chroot call.
>
> Any information on this would be useful.
I assume you are asking wrt the libvirt LXC driver, which uses pivot_root
instead of chroot() when setting up the guest. The primary reason for this
is that chroot() is escapable, whereas pivot_root() is not.
https://s3hh.wordpress.com/2011/05/31/escaping-chroots/
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
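
As an added example (not part of this thread and not libvirt's code), here is the `pivot_root(".", ".")` sequence documented in pivot_root(2): it moves a process into a new root inside a private mount namespace and detaches the old root, setting the working directory explicitly as raised in caveat 2. The helper name `enter_root` and the command-line usage in `main` are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <linux/sched.h>   /* CLONE_NEWNS */
#include <stdio.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <unistd.h>

/* enter_root() is a hypothetical helper name, not a libvirt function.
 * It needs CAP_SYS_ADMIN. Returns 0 on success, -1 with errno set. */
int enter_root(const char *new_root)
{
    struct stat st;

    /* Validate the argument before touching any namespace state. */
    if (new_root == NULL || new_root[0] != '/') { errno = EINVAL; return -1; }
    if (stat(new_root, &st) != 0) return -1;
    if (!S_ISDIR(st.st_mode)) { errno = ENOTDIR; return -1; }

    /* Private mount namespace: nothing done below propagates to the host. */
    if (syscall(SYS_unshare, CLONE_NEWNS) != 0) return -1;
    if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL) != 0) return -1;

    /* pivot_root requires new_root to be a mount point: bind it onto itself. */
    if (mount(new_root, new_root, NULL, MS_BIND | MS_REC, NULL) != 0) return -1;

    /* Caveat 2 from the thread: set the working directory explicitly. */
    if (chdir(new_root) != 0) return -1;

    /* glibc has no pivot_root wrapper. With "." for both arguments the old
     * root ends up mounted on top of the new root at "/". */
    if (syscall(SYS_pivot_root, ".", ".") != 0) return -1;

    /* Detach the old root so no path in this namespace leads back to it.
     * Caveat 1 still applies: directory descriptors opened before this
     * point keep referring to the old tree, so the caller must close them. */
    if (umount2(".", MNT_DETACH) != 0) return -1;
    return chdir("/");
}

int main(int argc, char **argv)
{
    if (argc < 3) { fprintf(stderr, "usage: %s NEW_ROOT PROGRAM [ARGS...]\n", argv[0]); return 2; }
    if (enter_root(argv[1]) != 0) { perror("enter_root"); return 1; }
    execv(argv[2], &argv[2]);   /* PROGRAM is resolved inside the new root */
    perror("execv");
    return 1;
}
```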