diff -u sysklogd-1.4.1~/sysklogd.8 sysklogd-1.4.1/sysklogd.8
--- sysklogd-1.4.1~/sysklogd.8	Thu Feb  7 16:40:34 2002
+++ sysklogd-1.4.1/sysklogd.8	Thu Feb  7 16:53:21 2002
@@ -2,7 +2,7 @@
 .\" May be distributed under the GNU General Public License
 .\" Sun Aug 30 11:35:55 MET: Martin Schulze: Updates
 .\"
-.TH SYSKLOGD 8 "8 October, 2001" "Version 1.4.1+CAEN/OW" "Linux System Administration"
+.TH SYSKLOGD 8 "8 October, 2001" "Version 1.4.1+CAEN/OW/ALT" "Linux System Administration"
 .SH NAME
 sysklogd \- Linux system logging utilities.
 .SH SYNOPSIS
@@ -35,6 +35,9 @@
 .RB [ " \-u"
 .IB username
 ]
+.RB [ " \-j "
+.I chroot_dir
+]
 .RB [ " \-v " ]
 .LP
 .SH DESCRIPTION
@@ -175,6 +178,19 @@
 .B SIGHUP
 the files will be reopened as the non-privileged user.  You should
 take this into account when deciding the ownership of the log files.
+.TP
+.BI "\-j " chroot_dir
+Tells
+.B syslogd
+daemon to
+.BR chroot (2)
+into this directory after initializing.
+This option is only valid if the \-u option is also used to run
+.B syslogd
+without root privileges.
+Note that the use of this option will prevent
+.B SIGHUP
+from working which makes daemon reload practically impossible.
 .TP
 .B "\-v"
 Print version and exit.
diff -u sysklogd-1.4.1~/syslogd.c sysklogd-1.4.1/syslogd.c
--- sysklogd-1.4.1~/syslogd.c	Thu Feb  7 16:40:34 2002
+++ sysklogd-1.4.1/syslogd.c	Thu Feb  7 16:42:04 2002
@@ -742,6 +742,7 @@
 
 char	*bind_addr = NULL;	/* bind UDP port to this interface only */
 char	*server_user = NULL;	/* user name to run server as */
+char	*chroot_dir = NULL;	/* user name to run server as */
 
 extern	int errno;
 
@@ -791,6 +792,11 @@
 
 	if (!pw->pw_uid) return -1;
 
+	if (chroot_dir) {
+		if (chroot(chroot_dir)) return -1;
+		if (chdir("/")) return -1;
+	}
+
 	if (initgroups(server_user, pw->pw_gid)) return -1;
 	if (setgid(pw->pw_gid)) return -1;
 	if (setuid(pw->pw_uid)) return -1;
@@ -851,7 +857,7 @@
 		funix[i]  = -1;
 	}
 
-	while ((ch = getopt(argc, argv, "a:dhf:i:l:m:np:rs:u:v")) != EOF)
+	while ((ch = getopt(argc, argv, "a:dhf:i:j:l:m:np:rs:u:v")) != EOF)
 		switch((char)ch) {
 		case 'a':
 			if (nfunix < MAXFUNIX)
@@ -876,6 +882,9 @@
 			}
 			bind_addr = optarg;
 			break;
+		case 'j':
+			chroot_dir = optarg;
+			break;
 		case 'l':
 			if (LocalHosts) {
 				fprintf(stderr, "Only one -l argument allowed, "
@@ -917,6 +926,10 @@
 	if ((argc -= optind))
 		usage();
 
+	if (chroot_dir && !server_user) {
+		fputs("'-j' is only valid with '-u'", stderr);
+		exit(1);
+	}
 #ifndef TESTING
 	if ( !(Debug || NoFork) )
 	{