1 | <?xml version="1.0" encoding="ISO-8859-1"?>
|
---|
2 | <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
|
---|
3 | <!ENTITY % general-entities SYSTEM "../general.ent">
|
---|
4 | %general-entities;
|
---|
5 | ]>
|
---|
6 | <sect1 id="ch-system-changingowner">
|
---|
7 | <title>Changing ownership</title>
|
---|
8 | <?dbhtml filename="changingowner.html"?>
|
---|
9 |
|
---|
10 | <para>Right now the <filename class="directory">/tools</filename> directory
|
---|
11 | is owned by the user <emphasis>lfs</emphasis>, a user that exists only on your
|
---|
12 | host system. Although you will probably want to delete the
|
---|
13 | <filename class="directory">/tools</filename> directory once you have
|
---|
14 | finished your LFS system, you may want to keep it around, for example to
|
---|
15 | build more LFS systems. But if you keep the
|
---|
16 | <filename class="directory">/tools</filename> directory as it is, you end up
|
---|
17 | with files owned by a user ID without a corresponding account. This is
|
---|
18 | dangerous because a user account created later on could get this same user ID
|
---|
19 | and would suddenly own the <filename class="directory">/tools</filename>
|
---|
20 | directory and all the files therein, thus exposing these files to possible
|
---|
21 | malicious manipulation.</para>
|
---|
22 |
|
---|
23 | <para>To avoid this issue, you could add the <emphasis>lfs</emphasis> user to
|
---|
24 | your new LFS system later on when creating the <filename>/etc/passwd</filename>
|
---|
25 | file, taking care to assign it the same user and group IDs as on your host
|
---|
26 | system. Alternatively, you can (and the book assumes you do) assign the
|
---|
27 | contents of the <filename class="directory">/tools</filename> directory to
|
---|
28 | user <emphasis>root</emphasis> by running the following command:</para>
|
---|
29 |
|
---|
30 | <screen><userinput>chown -R 0:0 /tools</userinput></screen>
|
---|
31 |
|
---|
32 | <para>The command uses <parameter>0:0</parameter> instead of <parameter>root:root</parameter>,
|
---|
33 | because <userinput>chown</userinput> is unable to resolve the name
|
---|
34 | <quote>root</quote> until the password file has been created.</para>
|
---|
35 |
|
---|
36 | </sect1>
|
---|