Unix (and Unix-like) operating systems offer an operating system feature that allows the user to run a process within a remapped root filesystem. The chroot (change root) command changes the mapping of the root (/) filesystem to a specified directory that is relative to the current root, and then runs a specified command from the new root. Linux, Solaris, and the *BSD operating systems support chroot commands like this:

chroot <new root path> <command to run> <argument(s)>

For example, the following command would change / to point to the directory /some/new/root, and then run the command /bin/echo with the argument of "hello":

chroot /some/new/root /bin/echo hello

Once the root of the filesystem gets remapped, this process finds /bin/echo and any other files and directories relative to the new root path. That means chroot will actually run /some/new/root/bin/echo, not /bin/echo. Also, the process will look relative to /some/new/root to find any shared libraries that /bin/echo needs to load when it runs. The same goes for any device files; if you run a chrooted program that uses any devices, it will look for /dev relative to the new root, not in the "real" /dev. In short, everything becomes relative to the new root and that means that anything that the process uses on the filesystem needs to be replicated in the new root for the chrooted process to find it. What's more, the chrooted process and any of its descendants are unable to reach anything on the ...