[673b0d8] | 1 | <?xml version="1.0" encoding="ISO-8859-1"?>
|
---|
[1770019] | 2 | <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
|
---|
[673b0d8] | 3 | <!ENTITY % general-entities SYSTEM "../general.ent">
|
---|
| 4 | %general-entities;
|
---|
| 5 | ]>
|
---|
| 6 | <sect1 id="ch-system-changingowner">
|
---|
[bce08ef] | 7 | <title>Changing Ownership</title>
|
---|
[673b0d8] | 8 | <?dbhtml filename="changingowner.html"?>
|
---|
| 9 |
|
---|
[81fd230] | 10 | <para>Currently, the <filename class="directory">/tools</filename>
|
---|
| 11 | directory is owned by the user <emphasis>lfs</emphasis>, a user that
|
---|
| 12 | exists only on the host system. Although the <filename
|
---|
| 13 | class="directory">/tools</filename> directory can be deleted once the
|
---|
| 14 | LFS system has been finished, it can be retained to build additional
|
---|
| 15 | LFS systems. If the <filename class="directory">/tools</filename>
|
---|
| 16 | directory is kept as is, the files are owned by a user ID without a
|
---|
| 17 | corresponding account. This is dangerous because a user account
|
---|
| 18 | created later could get this same user ID and would own the <filename
|
---|
| 19 | class="directory">/tools</filename> directory and all the files
|
---|
| 20 | therein, thus exposing these files to possible malicious
|
---|
| 21 | manipulation.</para>
|
---|
| 22 |
|
---|
| 23 | <para>To avoid this issue, add the <emphasis>lfs</emphasis> user to
|
---|
| 24 | the new LFS system later when creating the
|
---|
| 25 | <filename>/etc/passwd</filename> file, taking care to assign it the
|
---|
| 26 | same user and group IDs as on the host system. Alternatively, assign
|
---|
| 27 | the contents of the <filename class="directory">/tools</filename>
|
---|
| 28 | directory to user <emphasis>root</emphasis> by running the following
|
---|
| 29 | command:</para>
|
---|
[673b0d8] | 30 |
|
---|
| 31 | <screen><userinput>chown -R 0:0 /tools</userinput></screen>
|
---|
| 32 |
|
---|
[81fd230] | 33 | <para>The command uses <parameter>0:0</parameter> instead of
|
---|
| 34 | <parameter>root:root</parameter>, because <command>chown</command>
|
---|
| 35 | is unable to resolve the name <quote>root</quote> until the password
|
---|
| 36 | file has been created. This book assumes you ran this
|
---|
| 37 | <command>chown</command> command.</para>
|
---|
| 38 |
|
---|
[673b0d8] | 39 | </sect1>
|
---|
[81fd230] | 40 |
|
---|