pub struct Chroot { /* private fields */ }
Userspace chroot environment
All symlinks below a root directory are resolved relative to this directory. E.g. when having a directory tree like
/
|-- etc/
|   `-- passwd
`-- srv/
    `-- www/
        |-- etc/
        |   `-- passwd
        |-- tmp -> /etc/
        |-- passwd -> /etc/passwd
        `-- test -> ../../../etc/passwd
All the open() statements in code like
let chroot = Chroot::new(&OsString::from("/srv/www"));
let fd = chroot.open(&Path::new("/etc/passwd"), libc::O_RDONLY);
let fd = chroot.open(&Path::new("/tmp/passwd"), libc::O_RDONLY);
let fd = chroot.open(&Path::new("/test"), libc::O_RDONLY);
let fd = chroot.open(&Path::new("/passwd"), libc::O_RDONLY);
will access /srv/www/etc/passwd instead of /etc/passwd.
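The resolution rule above, as an added example that is not the crate's own code: a std-only, path-based model in which an absolute symlink target restarts at the chroot root and `..` stops there. `parts`, `resolve_in_root` and `demo` are hypothetical names, and the tree from this page is rebuilt with constructed content in a temp directory; the directory-fd walk with O_NOFOLLOW that the methods below describe is not reproduced here.

```rust
use std::path::{Path, PathBuf};
use std::{collections::VecDeque, env, ffi::OsString, fs, io, os::unix::fs::symlink, process};

fn parts(p: &Path) -> Vec<OsString> {
    p.components().map(|c| c.as_os_str().to_os_string()).collect()
}

/// Map `path` to a host path as if `root` were `/`. Path-based model only:
/// unlike an fd-based walk it can race with concurrent changes to the tree.
pub fn resolve_in_root(root: &Path, path: &Path) -> io::Result<PathBuf> {
    let mut todo: VecDeque<OsString> = parts(path).into();
    let mut cur: Vec<OsString> = Vec::new(); // resolved components below root
    let mut hops = 0;
    while let Some(c) = todo.pop_front() {
        if c == "/" {
            cur.clear(); // absolute path or link target: restart at the root
        } else if c == ".." {
            cur.pop(); // no-op at the root, so ".." cannot climb out
        } else if c != "." {
            cur.push(c);
            let host = root.join(cur.iter().collect::<PathBuf>());
            if fs::symlink_metadata(&host).map_or(false, |m| m.file_type().is_symlink()) {
                hops += 1;
                if hops > 40 { return Err(io::Error::new(io::ErrorKind::Other, "symlink loop")); }
                cur.pop(); // the target is relative to the link's directory
                parts(&fs::read_link(&host)?).into_iter().rev().for_each(|t| todo.push_front(t));
            }
        }
    }
    Ok(root.join(cur.iter().collect::<PathBuf>()))
}

/// Builds the sample tree from this page (constructed) in a temp directory.
pub fn demo() -> io::Result<(PathBuf, Vec<PathBuf>)> {
    let root = env::temp_dir().join(format!("chroot-demo-{}", process::id()));
    fs::create_dir_all(root.join("etc"))?;
    fs::write(root.join("etc/passwd"), "constructed sample\n")?;
    for (name, target) in [("tmp", "/etc/"), ("passwd", "/etc/passwd"), ("test", "../../../etc/passwd")] {
        let _ = fs::remove_file(root.join(name));
        symlink(target, root.join(name))?;
    }
    let paths = ["/etc/passwd", "/tmp/passwd", "/test", "/passwd"];
    let out: io::Result<Vec<PathBuf>> = paths.iter().map(|p| resolve_in_root(&root, Path::new(p))).collect();
    Ok((root, out?))
}

fn main() -> io::Result<()> {
    demo()?.1.iter().for_each(|p| println!("{}", p.display()));
    Ok(())
}
```

All four lookups print the same host path, the `etc/passwd` below the temporary root.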
Implementations
impl Chroot
pub fn new<T: AsRef<Path>>(root: &T) -> Self
pub fn root_fdraw(&self) -> Result<FdRaw>
Opens the top-level directory of the chroot directory and returns the file descriptor.
The directory will be opened with the O_CLOEXEC flag set.
pub fn root_fd(&self) -> Result<Fd>
pub fn chdir<T>(&self, path: &T) -> Result<Fd>
Opens the directory at path within the chroot.
Every intermediate symlink will be resolved relative to the chroot.
Restrictions: path must be absolute.
pub fn chdirat<T>(&self, dir_fd: &Fd, path: &T) -> Result<Fd>
Opens a directory path in the chroot environment relative to fd.
Behaviour is unspecified if fd lies outside the chroot.
path can be relative.
pub fn openat<T>(&self, dir_fd: &Fd, path: &T, flags: c_int) -> Result<Fd>
Opens a file in the chroot relative to an open directory fd.
The method first opens the directory containing path as described by Self::chdirat() and calls openat() there with O_NOFOLLOW set.
pub fn open<T>(&self, path: &T, flags: c_int) -> Result<Fd>
Opens a file in the chroot environment.
The method first opens the directory containing path as described by Self::chdir() and calls openat() there with O_NOFOLLOW set.
pub fn is_lnkat<T>(&self, dir_fd: &Fd, path: &T) -> bool
Checks whether path is a symlink
Method returns when errors occurred while performing the lookup.
pub fn is_dirat<T>(&self, dir_fd: &Fd, path: &T) -> bool
Checks whether path is a directory
Method returns when errors occurred while performing the lookup.
pub fn is_regat<T>(&self, dir_fd: &Fd, path: &T) -> bool
Checks whether path is a regular file
Method returns when errors occurred while performing the lookup.
pub fn full_path<T>(&self, dir_fd: &Fd, fname: Option<&T>) -> Result<OsString>
Transforms fd into an absolute path relative to the chroot and appends fname optionally.
Note: this operation is expensive because it recurses into the parent directories of fd and iterates over their contents to look for a matching subdirectory.