Find out if service / server running in chrooted jail or not under Linux
Chrooted jail allows run command or service such as http / mysql / postfix with special root directory i.e. chroot changes the root directory for application. The biggest benefit is a service that is re-rooted to another directory cannot access files outside that directory. Basically you are going to set service in sandbox. Chrooting offers the following 2 benefits:
[a] Service Isolation
[b] Privilege Separation
But how do you find out if service / server is chrooted or not under Linux?
Simply run ls -ld command on /proc/MAIN-PID/root directory.
For example, find out if httpd chrooted or not:
pidof httpd
Output:
23456
Run ls command:
ls -ld /proc/23456/root
Output:
lrwxrwxrwx 1 root root 0 Sep 10 02:52 /proc/23456/root -> /wwwdata
Find out if postfix is chrooted or not (PID 4645):
ls -ld /proc/4645/root
Output:
lrwxrwxrwx 1 root root 0 Sep 10 02:59 /proc/4645/root -> /
The PID 4645 pointing out to / (root) i.e. the root directory for application is not changed or chrooted. This is a quick and dirty way to find out if application is chrooted or not w/o opening configuration files.
You may also be interested in other helpful articles:
- Chroot in OpenSSH / SFTP Feature Added To OpenSSH
- Lighttpd php segfault at 0000000000000040 rip 0000003e30228278 rsp 0000007fbffff708 error 4
- rssh: Per User Configuration Options For Chroot Jail
- Ultimate Lighttpd webserver security
- The art of customer service
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
Tags: chroot, isolation, ls_command, pid, pidof_command, privilege, proc_filesystem, root_directory, sandbox
Recent Comments
Today ~ 45 Comments
Today ~ 6 Comments
Yesterday ~ 5 Comments
Yesterday ~ 13 Comments
Yesterday ~ 50 Comments