1234567891011121314151617181920212223242526272829303132333435363738394041 |
- <?xml version="1.0" encoding="ISO-8859-1"?>
- <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
- "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
- <!ENTITY % general-entities SYSTEM "../general.ent">
- %general-entities;
- ]>
- <sect1 id="ch-tools-changingowner">
- <?dbhtml filename="changingowner.html"?>
- <title>Changing Ownership</title>
- <note>
- <para>The commands in the remainder of this book must be performed while
- logged in as user <systemitem class="username">root</systemitem> and no
- longer as user <systemitem class="username">lfs</systemitem>. Also, double
- check that <envar>$LFS</envar> is set in <systemitem
- class="username">root</systemitem>'s environment.</para>
- </note>
- <para>Currently, the whole directory hierarchy in <filename
- class="directory">$LFS</filename>
- is owned by the user <systemitem class="username">lfs</systemitem>, a user
- that exists only on the host system. If the directories under <filename
- class="directory">$LFS</filename> are kept as they are, the files are
- owned by a user ID without a corresponding account. This is dangerous because
- a user account created later could get this same user ID and would own all
- the files under <filename class="directory">$LFS</filename>, thus exposing
- these files to possible malicious manipulation.</para>
- <para>To avoid this issue, you could add the <systemitem
- class="username">lfs</systemitem> user to the new LFS system later when
- creating the <filename>/etc/passwd</filename> file, taking care to assign it
- the same user and group IDs as on the host system. Better yet, change the
- ownership of the <filename class="directory">$LFS/*</filename> directories to
- user <systemitem class="username">root</systemitem> by running the following
- command:</para>
- <screen><userinput>chown -R root:root $LFS/{usr,lib,var,etc,bin,sbin,lib64,tools}</userinput></screen>
- </sect1>
|