1 files changed, 0 insertions, 165 deletions
diff --git a/lib/libc/sys/chroot.2 b/lib/libc/sys/chroot.2
deleted file mode 100644
index f5d9fa5a8515..000000000000
--- a/lib/libc/sys/chroot.2
+++ /dev/null
@@ -1,165 +0,0 @@
-.\" Copyright (c) 1983, 1991, 1993
-.\"	The Regents of the University of California.  All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in the
-.\"    documentation and/or other materials provided with the distribution.
-.\" 3. Neither the name of the University nor the names of its contributors
-.\"    may be used to endorse or promote products derived from this software
-.\"    without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\"     @(#)chroot.2	8.1 (Berkeley) 6/4/93
-.\" $FreeBSD$
-.\"
-.Dd September 29, 2020
-.Dt CHROOT 2
-.Os
-.Sh NAME
-.Nm chroot
-.Nd change root directory
-.Sh LIBRARY
-.Lb libc
-.Sh SYNOPSIS
-.In unistd.h
-.Ft int
-.Fn chroot "const char *dirname"
-.Sh DESCRIPTION
-The
-.Fa dirname
-argument
-is the address of the pathname of a directory, terminated by an ASCII NUL.
-The
-.Fn chroot
-system call causes
-.Fa dirname
-to become the root directory,
-that is, the starting point for path searches of pathnames
-beginning with
-.Ql / .
-.Pp
-In order for a directory to become the root directory
-a process must have execute (search) access for that directory.
-.Pp
-It should be noted that
-.Fn chroot
-has no effect on the process's current directory.
-.Pp
-This call is restricted to the super-user.
-.Pp
-Depending on the setting of the
-.Ql kern.chroot_allow_open_directories
-sysctl variable, open filedescriptors which reference directories
-will make the
-.Fn chroot
-fail as follows:
-.Pp
-If
-.Ql kern.chroot_allow_open_directories
-is set to zero,
-.Fn chroot
-will always fail with
-.Er EPERM
-if there are any directories open.
-.Pp
-If
-.Ql kern.chroot_allow_open_directories
-is set to one (the default),
-.Fn chroot
-will fail with
-.Er EPERM
-if there are any directories open and the
-process is already subject to the
-.Fn chroot
-system call.
-.Pp
-Any other value for
-.Ql kern.chroot_allow_open_directories
-will bypass the check for open directories,
-mimicking the historic insecure behavior of
-.Fn chroot
-still present on other systems.
-.Sh RETURN VALUES
-.Rv -std
-.Sh ERRORS
-The
-.Fn chroot
-system call
-will fail and the root directory will be unchanged if:
-.Bl -tag -width Er
-.It Bq Er ENOTDIR
-A component of the path name is not a directory.
-.It Bq Er EPERM
-The effective user ID is not the super-user, or one or more
-filedescriptors are open directories.
-.It Bq Er ENAMETOOLONG
-A component of a pathname exceeded 255 characters,
-or an entire path name exceeded 1023 characters.
-.It Bq Er ENOENT
-The named directory does not exist.
-.It Bq Er EACCES
-Search permission is denied for any component of the path name.
-.It Bq Er ELOOP
-Too many symbolic links were encountered in translating the pathname.
-.It Bq Er EFAULT
-The
-.Fa dirname
-argument
-points outside the process's allocated address space.
-.It Bq Er EIO
-An I/O error occurred while reading from or writing to the file system.
-.It Bq Er EINTEGRITY
-Corrupted data was detected while reading from the file system.
-.El
-.Sh SEE ALSO
-.Xr chdir 2 ,
-.Xr jail 2
-.Sh HISTORY
-The
-.Fn chroot
-system call appeared in
-.At v7 .
-It was marked as
-.Dq legacy
-in
-.St -susv2 ,
-and was removed in subsequent standards.
-.Sh BUGS
-If the process is able to change its working directory to the target
-directory, but another access control check fails (such as a check for
-open directories, or a MAC check), it is possible that this system
-call may return an error, with the working directory of the process
-left changed.
-.Sh SECURITY CONSIDERATIONS
-The system has many hardcoded paths to files which it may load after
-the process starts.
-It is generally recommended to drop privileges immediately after a
-successful
-.Nm
-call,
-and restrict write access to a limited subtree of the
-.Nm
-root.
-For instance,
-setup the sandbox so that the sandboxed user will have no write
-access to any well-known system directories.
-.Pp
-For complete isolation from the rest of the system, use
-.Xr jail 2
-instead.