Find out if service / server running in chrooted jail or not under Linux

by on September 10, 2007 · 0 comments· LAST UPDATED September 10, 2007

in , ,

Chrooted jail allows run command or service such as http / mysql / postfix with special root directory i.e. chroot changes the root directory for application. The biggest benefit is a service that is re-rooted to another directory cannot access files outside that directory. Basically you are going to set service in sandbox. Chrooting offers the following 2 benefits:

[a] Service Isolation

[b] Privilege Separation

But how do you find out if service / server is chrooted or not under Linux?

Simply run ls -ld command on /proc/MAIN-PID/root directory.

For example, find out if httpd chrooted or not:
pidof httpd
Output:

23456

Run ls command:
ls -ld /proc/23456/root
Output:

lrwxrwxrwx 1 root root 0 Sep 10 02:52 /proc/23456/root -> /wwwdata

Find out if postfix is chrooted or not (PID 4645):
ls -ld /proc/4645/root
Output:
lrwxrwxrwx 1 root root 0 Sep 10 02:59 /proc/4645/root -> /
The PID 4645 pointing out to / (root) i.e. the root directory for application is not changed or chrooted. This is a quick and dirty way to find out if application is chrooted or not w/o opening configuration files.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 0 comments… add one now }

Leave a Comment

Tagged as: , , , , , , , ,

Previous post:

Next post: