On 07/20/2014 02:05 PM, Andreas Schwab wrote:
> diff --git a/src/chroot.c b/src/chroot.c
> index 6c2d63f..079759f 100644
> --- a/src/chroot.c
> +++ b/src/chroot.c
> @@ -269,9 +269,10 @@ main (int argc, char **argv)
>        usage (EXIT_CANCELED);
>      }
>  
> -  /* Only do chroot specific actions if actually changing root.
> -     The main difference here is that we don't change working dir.  */
> -  if (! is_root (argv[optind]))
> +  /* Only do chroot specific actions if actually changing root or if not
> +     changing credentials.  The main difference here is that we don't
> +     change working dir.  */
> +  if (! is_root (argv[optind]) || !(userspec || groups))
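
Review bot: the added `|| !(userspec || groups)` term on the `if` line makes the chroot specific actions run whenever neither credential option is given, including when `argv[optind]` is already the root directory, and the rewritten comment only restates the condition without saying why that case needs them. Please state the reason in the comment, and consider whether the no-credentials case with an unchanged root should stay on the skip path. Style: the adjacent `! is_root (...)` puts a space after `!`, so write `! (userspec || groups)` to match.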

This effectively reverts the idea behind v8.22-94-g99960ee:

    chroot: don't chdir() if not changing root

    This allows chroot to be used as a light weight tool
    to change user identification for a command,
    while not changing the current working directory.
    It also makes `chroot / true` consistently succeed on
    all platforms for non root users.

Now, with the patch:

  $ src/chroot / true
  src/chroot: cannot change root directory to /: Operation not permitted

... and some tests fail, too.

Why do you think the change is needed?
Is it about chroot(2) or chdir("/") being skipped?

Thanks & have a nice day,
Berny




