On Wed, Sep 26, 2007 at 03:11:33PM +0200, Miloslav Semler wrote:So thanks for information. I did't know anything about *at functions. So it seems to be more complicated. But maybe it will be good write to manpage "other systems implement it by other way, so this feature is unportable".
As for the nested-chroot() bit, the root user inside of a chroot is always allowed to chroot(). This is necessary for test-suites for various distro installers, chroot once to enter the installer playpen, installer chroots again to configure the test-installed-system. Once you allow a second chroot, you're back at the "can't reliably and efficiently track directory sub-tree members" problem.Miloslav Semler
So if you think it can and should be fixed, then PROVIDE THE CODE.
man openat
This is really pointless, anyway - any code that expects chroot to be
root-proof is terminally broken.