- Timestamp:
- Feb 22, 2006, 11:24:55 PM (19 years ago)
- Branches:
- clfs-1.2, clfs-2.1, clfs-3.0.0-systemd, clfs-3.0.0-sysvinit, master, systemd, sysvinit
- Children:
- 6c4e93e
- Parents:
- 393afdb
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
BOOK/boot/common/changingowner.xml
r393afdb r6bfe833 11 11 <title>Changing Ownership</title> 12 12 13 <para os="a">Currently, the <filename class="directory"> /tools</filename>14 directory , <filename class="directory">/cross-tools</filename> directory, and15 < filename class="directory">$LFS</filename> directory are owned16 by the user <systemitem class="username">lfs</systemitem>,17 a user that exists only on the host system. For security reasons, the18 $LFS root directory and all of it subdirectories should be owned by19 <systemitem class="username">root</systemitem>. Change the ownership for $LFS and its subdirectories by running these commands:</para>13 <para os="a">Currently, the <filename class="directory">$LFS</filename> 14 directory and all of its subdirectories are owned by the user 15 <systemitem class="username">lfs</systemitem>, a user that exists only 16 on the host system. For security reasons, the $LFS root directory and 17 all of it subdirectories should be owned by 18 <systemitem class="username">root</systemitem>. Change the ownership 19 for $LFS and its subdirectories by running this command:</para> 20 20 21 <screen><userinput>chown -v root:root ${LFS} 22 chown -Rv root:root $LFS/{bin,boot,dev,etc,home,lib,media,mnt,opt,proc,root,sbin,srv,sys,tmp,usr,var}</userinput></screen> 23 24 <para os="b">The same issue also exists with <filename class="directory">/tools</filename> and <filename class="directory">/cross-tools</filename>. Although these directories can be deleted once the 25 LFS system has been finished, they can be retained to build additional 26 LFS systems. If the <filename class="directory">/tools</filename> and <filename class="directory">/cross-tools</filename> 27 directories are kept as is, the files are owned by a user ID without a 28 corresponding account. This is dangerous because a user account created 29 later could get this same user ID and would own the <filename 30 class="directory">/tools</filename> and <filename class="directory">/cross-tools</filename> directories and all the files therein, 31 thus exposing these files to possible malicious manipulation.</para> 32 33 <para os="c">To avoid this issue, add the <systemitem 34 class="username">lfs</systemitem> user to the new LFS system later when 35 creating the <filename>/etc/passwd</filename> file, taking care to assign 36 it the same user and group IDs as on the host system. Alternatively, 37 assign the contents of the <filename class="directory">/tools</filename> 38 and <filename class="directory">/cross-tools</filename> directories to user <systemitem class="username">root</systemitem> by running 39 the following commands:</para> 40 41 <screen><userinput>chown -Rv root:root /tools 42 chown -Rv root:root /cross-tools</userinput></screen> 21 <screen os="b"><userinput>chown -Rv root:root ${LFS}</userinput></screen> 43 22 44 23 </sect1>
Note:
See TracChangeset
for help on using the changeset viewer.