It is a Linux system call that changes the root directory (/) for a process. Normally every Linux process sees the same filesystem tree, like this:

/
|-usr
|-bin
|-home
|-var
|-lib

With chroot you can make a process believe that some subdirectory is the entire filesystem. You can think of it as a filesystem jail.

Example: create a mini filesystem that looks like the Linux root filesystem within your home directory:

/home/ks/myroot/
├── bin/
├── lib/
├── lib64/
└── etc/

Now copy the bash binary into it:

cp /bin/bash /home/ks/myroot/bin/

Now execute the chroot command:

sudo chroot /home/ks/myroot /bin/bash

Now your shell is inside the new root. You cannot see host directories like /home, /var, or any directory above /home/ks/myroot/.

What actually changed is the process’s root directory pointer in the kernel. The kernel rewires:
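The setup steps above as one script, added here as an example and not part of the original page: bash is normally dynamically linked, so besides the binary the new root needs the shared libraries that ldd reports, otherwise the chroot command cannot start the shell. The function names are hypothetical, and the root path is passed as an argument in place of /home/ks/myroot.

```shell
#!/bin/sh
# Added example: populate a minimal chroot tree with a shell binary and the
# shared libraries it loads. Function names are hypothetical.

# list_libs BIN: print the absolute paths of the shared objects BIN needs.
# ldd lines look like "libc.so.6 => /lib/.../libc.so.6 (0x...)"; keep only
# the fields that are absolute paths (this skips linux-vdso, which has none).
list_libs() {
    ldd "$1" 2>/dev/null |
        awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^\//) print $i }' | sort -u
}

# build_root ROOT [BIN]: create the skeleton, then copy BIN and its libraries.
build_root() {
    root=$1
    bin=${2:-/bin/bash}
    mkdir -p "$root/bin" "$root/lib" "$root/lib64" "$root/etc" || return 1
    cp "$bin" "$root/bin/" || return 1
    for lib in $(list_libs "$bin"); do
        # Keep every library at the same path it has on the host, because
        # the dynamic loader looks it up by that path inside the new root.
        mkdir -p "$root$(dirname "$lib")" || return 1
        cp -L "$lib" "$root$lib" || return 1
    done
}

# missing_libs ROOT [BIN]: print the libraries BIN needs that ROOT lacks.
# Empty output means BIN can be started inside ROOT.
missing_libs() {
    for lib in $(list_libs "${2:-/bin/bash}"); do
        [ -e "$1$lib" ] || echo "$lib"
    done
}

# Stand-alone use: ./script.sh /home/ks/myroot
if [ "$#" -ge 1 ]; then
    build_root "$1" && missing_libs "$1"
fi
```

After it runs with no output from missing_libs, `sudo chroot /home/ks/myroot /bin/bash` has everything it needs to start.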

Old root → /
New root → /home/ks/myroot

🧪 Simple Real-World Example

Imagine:

  • You want to test an app on Ubuntu 18 libs
  • Host runs Ubuntu 22

You create a chroot with the older libs. Run the app inside it → no host conflict. This was early “environment isolation”.

But chroot has limitations:

  • No process isolation: you still see host processes, because chroot does not create a PID namespace.
  • No resource limits: a chrooted process can consume the entire CPU or memory.
  • Weak security: if a process has root privileges, it can escape using chdir, mount tricks, or device access.
  • No network isolation.
