chroot

March 26, 2020 Contributors

Name

chroot — chroot to a secure environment

Synopsis

Security { chroot = "/chroot/dir" }

Description

This security feature invokes the underlying operating system’s chroot call to place Momentum in an alternate root directory. This can be used to limit the portions of the file system that are available to Momentum and can be an added protection should the instance be compromised.

Changing the value of this option at runtime requires restarting the ecelerity process—issuing the ec_console command config reload will not suffice.

The default value for this option is to use no chroot.

Scope

chroot is valid in the security scope.

See Also

chroot, supplemental_groups, capabilities