|
|
@@ -2,20 +2,31 @@
|
|
|
<title>Changing ownership</title>
|
|
|
<?dbhtml filename="changingowner.html" dir="chapter06"?>
|
|
|
|
|
|
-<para>The first thing we'll do, now that we're <emphasis>root</emphasis>,
|
|
|
-is change the ownership of the files and directories installed in Chapter 5
|
|
|
-to root -- because when later we don't delete the
|
|
|
-<filename class="directory">/static</filename> directory and start adding
|
|
|
-new users, one of these users might end up owning the statically linked
|
|
|
-programs, which is not a good idea.</para>
|
|
|
+<para>Right now the /static directory is owned by the lfs user. However,
|
|
|
+this user account exists only on the host system. Although you may delete
|
|
|
+the <filename class="directory">/static</filename> directory once you have
|
|
|
+finished your LFS system, you might want to keep it around, e.g. for
|
|
|
+building more LFS systems. But if you keep the
|
|
|
+<filename class="directory">/static</filename> directory you will end up
|
|
|
+with files owned by a user id without a corresponding account. This is
|
|
|
+dangerous because a user account created later could get this user id and
|
|
|
+would suddenly own the <filename class="directory">/static</filename>
|
|
|
+directory and all of the files therein. This could open the
|
|
|
+<filename class="directory">/static</filename> directory to manipulation by
|
|
|
+an untrusted user.</para>
|
|
|
|
|
|
-<para>Run the following command to make root the owner of all the statically
|
|
|
-linked programs:</para>
|
|
|
+<para>To avoid this issue, you can add the
|
|
|
+<emphasis>lfs</emphasis> user to the new LFS system later when creating
|
|
|
+the <filename>/etc/passwd</filename> file, taking care to assign it the
|
|
|
+same user and group id. Alternatively, you can (and the book will assume
|
|
|
+you do) run the following command now, to assign the contents of the
|
|
|
+<filename class="directory">/static</filename> directory to user
|
|
|
+<emphasis>root</emphasis> by running the following command:</para>
|
|
|
|
|
|
<para><screen><userinput>chown -R 0:0 /static</userinput></screen></para>
|
|
|
|
|
|
-<para>The command uses "0:0" instead of "root:root", because there is no way
|
|
|
-to resolve the name "root", as glibc hasn't been installed yet.</para>
|
|
|
+<para>The command uses "0:0" instead of "root:root", because chown is unable
|
|
|
+to resolve the name "root" until glibc has been installed.</para>
|
|
|
|
|
|
</sect1>
|
|
|
|
Gerard Beekmans