Changeset 6bfe833 for BOOK/boot/common


Ignore:
Timestamp:
Feb 22, 2006, 11:24:55 PM (19 years ago)
Author:
Jim Gifford <clfs@…>
Branches:
clfs-1.2, clfs-2.1, clfs-3.0.0-systemd, clfs-3.0.0-sysvinit, master, systemd, sysvinit
Children:
6c4e93e
Parents:
393afdb
Message:

r2395@server (orig r1196): chris | 2006-02-22 23:11:39 -0800
Simplified the Changing Ownership page for boot method

File:
1 edited

Legend:

Unmodified
Added
Removed
  • BOOK/boot/common/changingowner.xml

    r393afdb r6bfe833  
    1111  <title>Changing Ownership</title>
    1212
    13   <para os="a">Currently, the <filename class="directory">/tools</filename>
    14   directory, <filename class="directory">/cross-tools</filename> directory, and
    15   <filename class="directory">$LFS</filename> directory are owned
    16   by the user <systemitem class="username">lfs</systemitem>,
    17   a user that exists only on the host system. For security reasons, the
    18   $LFS root directory and all of it subdirectories should be owned by
    19   <systemitem class="username">root</systemitem>. Change the ownership for $LFS and its subdirectories by running these commands:</para>
     13  <para os="a">Currently, the <filename class="directory">$LFS</filename>
     14  directory and all of its subdirectories  are owned by the user
     15  <systemitem class="username">lfs</systemitem>, a user that exists only
     16  on the host system. For security reasons, the $LFS root directory and
     17  all of it subdirectories should be owned by
     18  <systemitem class="username">root</systemitem>. Change the ownership
     19  for $LFS and its subdirectories by running this command:</para>
    2020
    21 <screen><userinput>chown -v root:root ${LFS}
    22 chown -Rv root:root $LFS/{bin,boot,dev,etc,home,lib,media,mnt,opt,proc,root,sbin,srv,sys,tmp,usr,var}</userinput></screen>
    23 
    24   <para os="b">The same issue also exists with <filename class="directory">/tools</filename> and <filename class="directory">/cross-tools</filename>. Although these directories can be deleted once the
    25   LFS system has been finished, they can be retained to build additional
    26   LFS systems. If the <filename class="directory">/tools</filename> and <filename class="directory">/cross-tools</filename>
    27   directories are kept as is, the files are owned by a user ID without a
    28   corresponding account. This is dangerous because a user account created
    29   later could get this same user ID and would own the <filename
    30   class="directory">/tools</filename> and <filename class="directory">/cross-tools</filename> directories and all the files therein,
    31   thus exposing these files to possible malicious manipulation.</para>
    32 
    33   <para os="c">To avoid this issue, add the <systemitem
    34   class="username">lfs</systemitem> user to the new LFS system later when
    35   creating the <filename>/etc/passwd</filename> file, taking care to assign
    36   it the same user and group IDs as on the host system. Alternatively,
    37   assign the contents of the <filename class="directory">/tools</filename>
    38   and <filename class="directory">/cross-tools</filename> directories to user <systemitem class="username">root</systemitem> by running
    39   the following commands:</para>
    40 
    41 <screen><userinput>chown -Rv root:root /tools
    42 chown -Rv root:root /cross-tools</userinput></screen>
     21<screen os="b"><userinput>chown -Rv root:root ${LFS}</userinput></screen>
    4322
    4423</sect1>
Note: See TracChangeset for help on using the changeset viewer.