lxinitd handbook


a readonly shell.

/bin/rosh uses the litesh syntax) to provide a scripting environment which is limited to executing commands. There are no pipes or redirects meaning it can not be abused to corrupt the contents of a chroot if the container is compromised.


The builtins available for rosh are defined in rosh.c function rosh_execute_argv(char **argv)

  • cd
  • echo
  • error
  • sleep
  • setuid
  • exec
  • spawn
  • wait
  • exit

by teknopaul