Find out if service / server running in chrooted jail or not under Linux

last updated in Categories Howto, Linux, Sys admin, Tips

Chrooted jail allows run command or service such as http / mysql / postfix with special root directory i.e. chroot changes the root directory for application. The biggest benefit is a service that is re-rooted to another directory cannot access files outside that directory. Basically you are going to set service in sandbox. Chrooting offers the following 2 benefits:

[a] Service Isolation

[b] Privilege Separation

But how do you find out if service / server is chrooted or not under Linux?

Simply run ls -ld command on /proc/MAIN-PID/root directory.

For example, find out if httpd chrooted or not:
pidof httpd


Run ls command:
ls -ld /proc/23456/root

lrwxrwxrwx 1 root root 0 Sep 10 02:52 /proc/23456/root -> /wwwdata

Find out if postfix is chrooted or not (PID 4645):
ls -ld /proc/4645/root
lrwxrwxrwx 1 root root 0 Sep 10 02:59 /proc/4645/root -> /
The PID 4645 pointing out to / (root) i.e. the root directory for application is not changed or chrooted. This is a quick and dirty way to find out if application is chrooted or not w/o opening configuration files.

Linux: Find Out How Many File Descriptors Are Being Used

last updated in Categories File system, Linux, Sys admin, Tips, Troubleshooting

While administrating a box, you may wanted to find out what a processes is doing and find out how many file descriptors (fd) are being used. You will surprised to find out that process does open all sort of files:
=> Actual log file

=> /dev files

=> UNIX Sockets

=> Network sockets

=> Library files /lib /lib64

=> Executables and other programs etc

In this quick post, I will explain how to to count how many file descriptors are currently in use on your Linux server system.