Index: lib/libsys/chroot.2 =================================================================== --- lib/libsys/chroot.2 +++ lib/libsys/chroot.2 @@ -25,7 +25,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd July 15, 2024 +.Dd August 2, 2025 .Dt CHROOT 2 .Os .Sh NAME @@ -61,7 +61,12 @@ .Fn chroot has no effect on the process's current directory. .Pp -This call is restricted to the super-user. +This call is restricted to the super-user, unless the +.Ql security.bsd.unprivileged_chroot +sysctl variable is set to 1 +and the process has enabled the +.Dv PROC_NO_NEW_PRIVS_CTL +.Xr procctl 2 . .Pp Depending on the setting of the .Ql kern.chroot_allow_open_directories 
@@ -106,19 +111,35 @@ .Sh ERRORS The .Fn chroot -system call +and +.Fn fchroot +system calls will fail and the root directory will be unchanged if: .Bl -tag -width Er -.It Bq Er ENOTDIR -A component of the path name is not a directory. .It Bq Er EPERM -The effective user ID is not the super-user, or one or more -filedescriptors are open directories. -.It Bq Er ENAMETOOLONG -A component of a pathname exceeded 255 characters, -or an entire path name exceeded 1023 characters. -.It Bq Er ENOENT -The named directory does not exist. +The effective user ID is not the super-user and the +.Ql security.bsd.unprivileged_chroot +sysctl is 0. +.It Bq Er EPERM +The effective user ID is not the super-user and the +process has not enabled the +.Dv PROC_NO_NEW_PRIVS_CTL +.Xr procctl 2 . +.It Bq Er EPERM +One or more filedescriptors are open directories and the +.Ql kern.chroot_allow_open_directories +sysctl is not set to permit this. +.It Bq Er EIO +An I/O error occurred while reading from or writing to the file system. +.It Bq Er EINTEGRITY +Corrupted data was detected while reading from the file system. +.El +.Pp +The +.Fn chroot +system call +will fail and the root directory will be unchanged if: +.Bl -tag -width Er .It Bq Er EACCES Search permission is denied for any component of the path name. .It Bq Er ELOOP @@ -128,10 +149,13 @@ .Fa dirname argument points outside the process's allocated address space. -.It Bq Er EIO -An I/O error occurred while reading from or writing to the file system. -.It Bq Er EINTEGRITY -Corrupted data was detected while reading from the file system. +.It Bq Er ENAMETOOLONG +A component of a pathname exceeded 255 characters, +or an entire path name exceeded 1023 characters. +.It Bq Er ENOENT +The named directory does not exist. +.It Bq Er ENOTDIR +A component of the path name is not a directory. .El .Pp The 
@@ -146,15 +170,8 @@ The argument .Fa fd is not a valid file descriptor. -.It Bq Er EIO -An I/O error occurred while reading from or writing to the file system. -.It Bq Er EINTEGRITY -Corrupted data was detected while reading from the file system. .It Bq Er ENOTDIR The file descriptor does not reference a directory. -.It Bq Er EPERM -The effective user ID is not the super-user, or one or more -filedescriptors are open directories. .El .Sh SEE ALSO .Xr chdir 2 ,
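Review bot: in the DESCRIPTION hunk (@@ -61,7 +61,12 @@), "the process has enabled the PROC_NO_NEW_PRIVS_CTL procctl(2)" names the procctl command but not the state the process must have set with it, so a reader cannot tell from this page what has to be in effect before an unprivileged chroot is allowed. Suggest wording it as the resulting process state (no new privileges enabled via that command) and adding a sentence on why the unprivileged path requires it, since this is the security-relevant condition of the change. The new second EPERM entry in ERRORS repeats the phrase, so both places should be changed together. Also check that procctl(2) is listed under SEE ALSO; the visible context there shows only ".Xr chdir 2 ,".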
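Review bot: in the ERRORS hunk (@@ -106,19 +111,35 @@), the added chroot-only list is introduced with the same sentence as the shared list above it ("will fail and the root directory will be unchanged if:"), differing only in which calls are named, so the split between common and chroot-specific errors is easy to miss. Something like "The chroot system call will additionally fail if:" would make the second list read as an extension of the first. In the third added EPERM entry, "filedescriptors" should be "file descriptors", and "is not set to permit this" would be clearer if it stated the kern.chroot_allow_open_directories value that causes the failure, the way the first EPERM entry does for security.bsd.unprivileged_chroot ("sysctl is 0").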