chroot

March 26, 2020 Contributors

Name

chroot — chroot to a secure environment

Synopsis

Security { chroot = "/chroot/dir" }

Description

This security feature invokes the underlying operating system’s chroot call to place Momentum in an alternate root directory. This can be used to limit the portions of the file system that are available to Momentum and can be an added protection should the instance be compromised.

The default value for this option is to use no chroot.

Note

Changing the value of options in the security scope at runtime requires restarting the ecelerity process—issuing the ec_console command config reload will not suffice.

Scope

chroot is valid in the security scope.

See Also

security, capabilities, user, and supplemental_groups