Struct unix_fd::chroot::Chroot

pub struct Chroot { /* fields omitted */ }

Userspace chroot environment

All symlinks below a root directory are resolved relative this directory. E.g. when having a directory tree like

/
|-- etc/
|   `-- passwd
`-- srv/
    `-- www/
        |-- etc/
        |   `-- passwd
        |-- tmp -> /etc/
        |-- passwd -> /etc/passwd
        `-- test -> ../../../etc/passwd

All the open() statements in code like

let chroot = Chroot::new(&OsString::from("/srv/www"));

let fd = chroot.open(&Path::new("/etc/passwd"), libc::O_RDONLY);
let fd = chroot.open(&Path::new("/tmp/passwd"), libc::O_RDONLY);
let fd = chroot.open(&Path::new("/test"), libc::O_RDONLY);
let fd = chroot.open(&Path::new("/passwd"), libc::O_RDONLY);

will access /srv/www/etc/passwd instead of /etc/passwd.

Methods

impl Chroot

fn new<T: AsRef<Path>>(root: &T) -> Self

fn root_fd(&self) -> Result<Fd>

Opens the top level directory of the chroot directory and returns the filedescriptor.

The directory will be opened with O_CLOEXEC flag being set.

fn chdir<T>(&self, path: &T) -> Result<Fd> where
    T: AsRef<Path>, 

Opens the directory at path within the chroot.

Every intermediate symlinks will be resolved relative to to the chroot.

Restrictions: path must be absolute.

fn chdirat<T>(&self, dir_fd: &Fd, path: &T) -> Result<Fd> where
    T: AsRef<Path>, 

Opens a directory path in the chroot environment relative to fd.

Behaviour is unspecified if fd lies outside the chroot. path can be relative.

fn openat<T>(&self, dir_fd: &Fd, path: &T, flags: c_int) -> Result<Fd> where
    T: AsRef<Path>, 

Opens a file in the chroot relative to an open directory fd.

Method first opens the directory containing path as described by Self::chdirat() and calls openat() with `O_NOFOLLOW being set there.

fn open<T>(&self, path: &T, flags: c_int) -> Result<Fd> where
    T: AsRef<Path>, 

Opens a file in the chroot environment.

Method first opens the directory containing path as described by Self::chdir() and calls openat() with `O_NOFOLLOW being set there.

fn is_lnkat<T>(&self, dir_fd: &Fd, path: &T) -> bool where
    T: AsRef<Path>, 

Checks whether path is a symlink

Method returns when errors occurred while performing the lookup.

fn is_dirat<T>(&self, dir_fd: &Fd, path: &T) -> bool where
    T: AsRef<Path>, 

Checks whether path is a directory

Method returns when errors occurred while performing the lookup.

fn is_regat<T>(&self, dir_fd: &Fd, path: &T) -> bool where
    T: AsRef<Path>, 

Checks whether path is a regular file

Method returns when errors occurred while performing the lookup.

fn fstatat<T>(&self, dir_fd: &Fd, fname: &T) -> Result<stat> where
    T: AsRef<Path>, 

Returns fstat information

fn full_path<T>(&self, dir_fd: &Fd, fname: Option<&T>) -> Result<OsString> where
    T: AsRef<Path>, 

Transforms fd into an absolute path relative to the chroot and appends fname optionally.

Note: this operation is expensive because it recurses into the parent directories of fd and iterates over their contents to look for a matching subdirectory.

Trait Implementations

impl Debug for Chroot

fn fmt(&self, __arg_0: &mut Formatter) -> Result

Formats the value using the given formatter.