- File:
-
- 1 edited
-
BOOK/boot/common/changingowner.xml (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
BOOK/boot/common/changingowner.xml
r8f1ae86 rd2ecc65 11 11 <title>Changing Ownership</title> 12 12 13 <para os="a">Currently, the <filename class="directory">${CLFS}</filename> 14 directory and all of its subdirectories are owned by the user 15 <systemitem class="username">clfs</systemitem>, a user that exists only 16 on the host system. For security reasons, the ${CLFS} root directory and 17 all of its subdirectories should be owned by 18 <systemitem class="username">root</systemitem>. Change the ownership 19 for ${CLFS} and its subdirectories by running this command:</para> 13 <para os="a">Currently, the <filename class="directory">/tools</filename> 14 and <filename class="directory">/cross-tools</filename> directories 15 are owned by the user <emphasis>clfs</emphasis>, a user that 16 exists only on the host system. Although <filename 17 class="directory">/tools</filename> and <filename 18 class="directory">/cross-tools</filename> can be deleted once the CLFS 19 system has been finished, they can be retained to build 20 additional CLFS systems. If the <filename class="directory">/tools</filename> 21 and <filename class="directory">/cross-tools</filename> directories are 22 kept as is, the files are owned by a user ID without a corresponding 23 account. This is dangerous because a user account created later could 24 get this same user ID and would own these directories and all the files 25 therein, thus exposing those files to possible malicious manipulation.</para> 20 26 21 <screen os="b"><userinput>chown -Rv &uid-root;:&gid-root; ${CLFS}</userinput></screen> 27 <para os="b">One possible fix for this issue might be to add the 28 <systemitem class="username">clfs</systemitem> user to the new CLFS system 29 later when creating the <filename>/etc/passwd</filename> file, taking care 30 to assign it the same user and group IDs as on the host system. Alternatively, 31 assign the contents of the <filename class="directory">/tools</filename> 32 and <filename class="directory">/cross-tools</filename> directories to 33 user <systemitem class="username">root</systemitem> by running the 34 following commands:</para> 22 35 23 <para>The following files are to be owned by the group 24 <systemitem class="username">utmp</systemitem> not by 25 <systemitem class="username">root</systemitem>.</para> 26 27 <screen><userinput>chgrp -v &gid-utmp; ${CLFS}/var/run/utmp ${CLFS}/var/log/lastlog</userinput></screen> 28 36 <screen os="c"><userinput>chown -Rv 0:0 ${CLFS}/tools 37 chown -Rv 0:0 ${CLFS}/cross-tools</userinput></screen> 29 38 30 39 </sect1>
Note:
See TracChangeset
for help on using the changeset viewer.
