Changeset cbfa0a3 for boot/common/changingowner.xml
- Timestamp:
- Feb 21, 2006, 1:56:25 AM (18 years ago)
- Children:
- 07b5f51
- Parents:
- 54e0992
- File:
-
- 1 edited
-
boot/common/changingowner.xml (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
boot/common/changingowner.xml
r54e0992 rcbfa0a3 11 11 <title>Changing Ownership</title> 12 12 13 <para os="a">Currently, the <filename class="directory">/tools</filename> 14 directory is owned by the user <systemitem class="username">lfs</systemitem>, 15 a user that exists only on the host system. Although the <filename 16 class="directory">/tools</filename> directory can be deleted once the 17 LFS system has been finished, it can be retained to build additional 18 LFS systems. If the <filename class="directory">/tools</filename> 19 directory is kept as is, the files are owned by a user ID without a 13 <note os="a"> 14 <para>From now on, all commands in the rest of the book will be run as the <systemitem class="username">root</systemitem> user.</para> 15 </note> 16 17 <para os="b">Currently, the <filename class="directory">/tools</filename> 18 directory, <filename class="directory">/cross-tools</filename> directory, and 19 <filename class="directory">$LFS</filename> directory are owned 20 by the user <systemitem class="username">lfs</systemitem>, 21 a user that exists only on the host system. For security reasons, the $LFS root directory and all of it subdirectories should be owned by <systemitem class="username">root</systemitem>. Change the ownership for $LFS and its subdirectories by running these commands:</para> 22 23 <screen><userinput>chown 0:0 ${LFS} 24 chown -R 0:0 $LFS/{bin,boot,dev,etc,home,lib,media,mnt,opt,proc,root,sbin,srv,sys,tmp,usr,var}</userinput></screen> 25 26 <para os="c">Optionally, you can do the same with <filename class="directory">/tools</filename> and <filename class="directory">/cross-tools</filename>. Although these directories can be deleted once the 27 LFS system has been finished, they can be retained to build additional 28 LFS systems. If the <filename class="directory">/tools</filename> and <filename class="directory">/cross-tools</filename> 29 directories are kept as is, the files are owned by a user ID without a 20 30 corresponding account. This is dangerous because a user account created 21 31 later could get this same user ID and would own the <filename 22 class="directory">/tools</filename> directoryand all the files therein,32 class="directory">/tools</filename> and <filename class="directory">/cross-tools</filename> directories and all the files therein, 23 33 thus exposing these files to possible malicious manipulation.</para> 24 34 25 <para os=" b">To avoid this issue, add the <systemitem35 <para os="d">To avoid this issue, add the <systemitem 26 36 class="username">lfs</systemitem> user to the new LFS system later when 27 37 creating the <filename>/etc/passwd</filename> file, taking care to assign 28 38 it the same user and group IDs as on the host system. Alternatively, 29 39 assign the contents of the <filename class="directory">/tools</filename> 30 directoryto user <systemitem class="username">root</systemitem> by running40 and <filename class="directory">/cross-tools</filename> directories to user <systemitem class="username">root</systemitem> by running 31 41 the following command:</para> 32 42 33 43 <screen><userinput>chown -R 0:0 /tools 34 chown -R 0:0 ${LFS}</userinput></screen>44 chown -R 0:0 /cross-tools</userinput></screen> 35 45 36 <para os="c">The command uses <parameter>0:0</parameter> instead of 46 <para os="e">This book assumes you ran these <command>chown</command> commands.</para> 47 48 <!-- <para os="c">The command uses <parameter>0:0</parameter> instead of 37 49 <parameter>root:root</parameter>, because <command>chown</command> 38 50 is unable to resolve the name <quote>root</quote> until the password 39 51 file has been created. This book assumes you ran this 40 <command>chown</command> command.</para> 52 <command>chown</command> command.</para> --> 41 53 42 54 </sect1>
Note: See TracChangeset
for help on using the changeset viewer.
