chroot

The chroot command changes the root directory (/) for the current running process by creating a secured contained environment known as a "chroot jail".

Basic command:

$ chroot </path/to/chroot-jail>

This command change the root directory to /path/to/chroot-jail. Any processes running inside this "chroot jail" will not have access to the actual root filesystem that is outside this "jail".

Example

Suppose there is a mounted filesystem at the directory /mnt/temp-mnt-loc (refer to the documentation for the mount command: https://jarrettgxz-sec.gitbook.io/linux/storage/mount-umount)

$ mount <storage_device> /mnt/temp-mnt-loc

The ls / command will list the contents of the user system's root directory (/).

$ ls /
... file-at-user-root-dir.txt
...

After the chroot command have been used to change the root directory to the mounted location, any commands ran will use the directory supplied as the new root directory. Note that the chroot command changes the root directory only for the current process and its child process, but doesn't affect other processes on the system or the actual root directory of the system.

$ chroot /mnt/temp-mnt-loc

The ls / command will list the contents of the new root directory, which is the mounted filesystem (/mnt/temp-mnt-loc). This is because /mnt/temp-mnt-loc is now perceived as the new / (root directory). This will have the same output if the command is ran directly with the mounted location as input.

 $ ls /
... file-at-mounted-dir.txt
... 

$ ls /mnt/temp-mnt/loc
... file-at-mounted-dir.txt
...