Noid has not been updated for a couple of years, and does not work on newer kernels. Consider development to be on hold, with a quite small chance of being restarted.
Trunkfs is a virtual filesystem providing per-process namespaces for Linux 2.4.
The trunkfs file system is typically mounted once in a
system, usually on
Every process sees the directory
By opening the right files and directories, setting up
If used correctly, the process chtrunked is locked inside a jail with no way to get out. It can only access files it already has opened and files under directories it has a file descriptor for. Unfortunately, there are a number of ways to escape from the jail, basically the same ways it can escape from a normal chroot. Processes might, for example, use the network or the ptrace interface to communicate with the outside world. Future extensions of Noid will create a tighter jail by blocking all dangerous actions.
One limitation of Unix in general is that only root is allowed to use chroot. The user chroot kernel patch makes Linux allow any user to use chroot in a secure way.
Chtrunk is implemented as a loadable kernel module for Linux 2.4. No recompilation or reboot is needed. Unfortunately, you still need to patch your kernel with the user chroot patch, recompile and reboot to allow normal non-root users to use chtrunk.
Send questions, money, bug reports, success reports, patches and suggestions to the author, Jörgen Cederlöf, at email@example.com.
Hosted at lysator