| 123456789101112131415161718192021222324252627282930313233343536373839 |
- <?xml version="1.0" encoding="ISO-8859-1"?>
- <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
- <!ENTITY % general-entities SYSTEM "../general.ent">
- %general-entities;
- ]>
- <sect1 id="ch-system-changingowner">
- <title>Changing Ownership</title>
- <?dbhtml filename="changingowner.html"?>
- <para>Currently, the <filename class="directory">/tools</filename>
- directory is owned by the user <emphasis>lfs</emphasis>, a user that
- exists only on the host system. Although the <filename
- class="directory">/tools</filename> directory can be deleted once the
- LFS system has been finished, it can be retained to build additional
- LFS systems. If the <filename class="directory">/tools</filename>
- directory is kept as is, the files are owned by a user ID without a
- corresponding account. This is dangerous because a user account
- created later could get this same user ID and would own the <filename
- class="directory">/tools</filename> directory and all the files
- therein, thus exposing these files to possible malicious
- manipulation.</para>
- <para>To avoid this issue, add the <emphasis>lfs</emphasis> user to
- the new LFS system later when creating the
- <filename>/etc/passwd</filename> file, taking care to assign it the
- same user and group IDs as on the host system. Alternatively, assign
- the contents of the <filename class="directory">/tools</filename>
- directory to user <emphasis>root</emphasis> by running the following
- command:</para>
- <screen><userinput>chown -R 0:0 /tools</userinput></screen>
- <para>The command uses <parameter>0:0</parameter> instead of
- <parameter>root:root</parameter>, because <command>chown</command>
- is unable to resolve the name <quote>root</quote> until the
- <filename>passwd</filename> file has been created.</para>
- </sect1>
|
