Testing commands under OpenBSD httpd's chroot

Page created: 2026-05-28

Back to OpenBSD httpd or OpenBSD.

How do you test a failing program (such as a system() call from PHP or similar environment) while it’s running in OpenBSD httpd’s chroot environment?

Web development often feels like you’re flying blind when you can get output to the browser, but it’s much worse when you can’t replicate the environment outside of the web server at all!

Luckily, I remembered that Michael W. Lucas’s book Httpd & Relayd Mastery had a section on chroot troubleshooting. This is a perfect example of why I read technical books (and RTFM).

Good luck finding this with current Web search engines!

Anyway, the secret sauce is to copy a statically-linked shell (such as /bin/sh) to a location inside the chroot and then dive in there and look around.

Note that you have to run chroot as root (or it could be exploited to give you root access!).

Here’s my full working example, cobbled together from some trial-and-error:

$ su
# cp /bin/sh /server/run
# SHELL=/run/sh chroot /server

/run/sh: No controlling tty (open /dev/tty: No such file or directory)
/run/sh: warning: won't have full job control

# ls
/run/sh: ls: not found

# echo *
run logs data htdocs ...

In there, you can run the program you’re trying to debug and hopefully it’ll be obvious what’s going wrong. It can be a pretty startling experience to realize how much of your system you need to copy into the chroot to get some things working. I simply choose not to run those things when I can.