Changeset c97c572


Ignore:
Timestamp:
Feb 22, 2006, 11:24:55 PM (19 years ago)
Author:
Jim Gifford <clfs@…>
Children:
9f5bc2cc
Parents:
bed8e07
Message:

r2395@server (orig r1196): chris | 2006-02-22 23:11:39 -0800
Simplified the Changing Ownership page for boot method

Files:
2 edited

Legend:

Unmodified
Added
Removed
  • boot/common/changingowner.xml

    rbed8e07 rc97c572  
    1111  <title>Changing Ownership</title>
    1212
    13   <para os="a">Currently, the <filename class="directory">/tools</filename>
    14   directory, <filename class="directory">/cross-tools</filename> directory, and
    15   <filename class="directory">$LFS</filename> directory are owned
    16   by the user <systemitem class="username">lfs</systemitem>,
    17   a user that exists only on the host system. For security reasons, the
    18   $LFS root directory and all of it subdirectories should be owned by
    19   <systemitem class="username">root</systemitem>. Change the ownership for $LFS and its subdirectories by running these commands:</para>
     13  <para os="a">Currently, the <filename class="directory">$LFS</filename>
     14  directory and all of its subdirectories  are owned by the user
     15  <systemitem class="username">lfs</systemitem>, a user that exists only
     16  on the host system. For security reasons, the $LFS root directory and
     17  all of it subdirectories should be owned by
     18  <systemitem class="username">root</systemitem>. Change the ownership
     19  for $LFS and its subdirectories by running this command:</para>
    2020
    21 <screen><userinput>chown -v root:root ${LFS}
    22 chown -Rv root:root $LFS/{bin,boot,dev,etc,home,lib,media,mnt,opt,proc,root,sbin,srv,sys,tmp,usr,var}</userinput></screen>
    23 
    24   <para os="b">The same issue also exists with <filename class="directory">/tools</filename> and <filename class="directory">/cross-tools</filename>. Although these directories can be deleted once the
    25   LFS system has been finished, they can be retained to build additional
    26   LFS systems. If the <filename class="directory">/tools</filename> and <filename class="directory">/cross-tools</filename>
    27   directories are kept as is, the files are owned by a user ID without a
    28   corresponding account. This is dangerous because a user account created
    29   later could get this same user ID and would own the <filename
    30   class="directory">/tools</filename> and <filename class="directory">/cross-tools</filename> directories and all the files therein,
    31   thus exposing these files to possible malicious manipulation.</para>
    32 
    33   <para os="c">To avoid this issue, add the <systemitem
    34   class="username">lfs</systemitem> user to the new LFS system later when
    35   creating the <filename>/etc/passwd</filename> file, taking care to assign
    36   it the same user and group IDs as on the host system. Alternatively,
    37   assign the contents of the <filename class="directory">/tools</filename>
    38   and <filename class="directory">/cross-tools</filename> directories to user <systemitem class="username">root</systemitem> by running
    39   the following commands:</para>
    40 
    41 <screen><userinput>chown -Rv root:root /tools
    42 chown -Rv root:root /cross-tools</userinput></screen>
     21<screen os="b"><userinput>chown -Rv root:root ${LFS}</userinput></screen>
    4322
    4423</sect1>
  • chroot/common/changingowner.xml

    rbed8e07 rc97c572  
    1111  <title>Changing Ownership</title>
    1212
    13     <para>Currently, the <filename class="directory">/tools</filename>
     13    <para os="a">Currently, the <filename class="directory">/tools</filename>
    1414    and <filename class="directory">/cross-tools</filename> directories
    1515    are owned by the user <emphasis>lfs</emphasis>, a user that
     
    2626    thus exposing these files to possible malicious manipulation.</para>
    2727
    28     <xi:include xmlns:xi="http://www.w3.org/2003/XInclude"
    29     href="../../boot/common/changingowner.xml"
    30     xpointer="xpointer(//*[@os='c'])"/>
     28    <para os="b">To avoid this issue, add the <systemitem
     29    class="username">lfs</systemitem> user to the new LFS system later when
     30    creating the <filename>/etc/passwd</filename> file, taking care to assign
     31    it the same user and group IDs as on the host system. Alternatively,
     32    assign the contents of the <filename class="directory">/tools</filename>
     33    and <filename class="directory">/cross-tools</filename> directories to
     34    user <systemitem class="username">root</systemitem> by running the
     35    following commands:</para>
    3136
    32 <screen><userinput>chown -Rv 0:0 /tools
     37<screen os="c"><userinput>chown -Rv 0:0 /tools
    3338chown -Rv 0:0 /cross-tools</userinput></screen>
    3439
    35     <para>The commands use <parameter>0:0</parameter> instead of
     40    <para os="d">The commands use <parameter>0:0</parameter> instead of
    3641    <parameter>root:root</parameter>, because <command>chown</command>
    3742    is unable to resolve the name <quote>root</quote> until the
Note: See TracChangeset for help on using the changeset viewer.