Context Navigation

-              rb4cd3c5
+              re6ab4b5
 <?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+  "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
   <!ENTITY % general-entities SYSTEM "../general.ent">
   %general-entities;
 ]>
 <sect1 id="ch-system-changingowner">
+<title>Changing Ownership</title>
+<?dbhtml filename="changingowner.html"?>
+  <?dbhtml filename="changingowner.html"?>
+<para>Currently, the <filename class="directory">/tools</filename>
+directory is owned by the user <emphasis>lfs</emphasis>, a user that
+exists only on the host system. Although the <filename
+class="directory">/tools</filename> directory can be deleted once the
+LFS system has been finished, it can be retained to build additional
+LFS systems. If the <filename class="directory">/tools</filename>
+directory is kept as is, the files are owned by a user ID without a
+corresponding account. This is dangerous because a user account
+created later could get this same user ID and would own the <filename
+class="directory">/tools</filename> directory and all the files
+therein, thus exposing these files to possible malicious
+manipulation.</para>
+  <title>Changing Ownership</title>
+<para>To avoid this issue, add the <emphasis>lfs</emphasis> user to
+the new LFS system later when creating the
+<filename>/etc/passwd</filename> file, taking care to assign it the
+same user and group IDs as on the host system. Alternatively, assign
+the contents of the <filename class="directory">/tools</filename>
+directory to user <emphasis>root</emphasis> by running the following
+command:</para>
+  <para>Currently, the <filename class="directory">/tools</filename> directory
+  is owned by the user <systemitem class="username">lfs</systemitem>, a user
+  that exists only on the host system. Although the <filename
+  class="directory">/tools</filename> directory can be deleted once the LFS
+  system has been finished, it can be retained to build additional LFS systems.
+  If the <filename class="directory">/tools</filename> directory is kept as is,
+  the files are owned by a user ID without a corresponding account. This is
+  dangerous because a user account created later could get this same user ID
+  and would own the <filename class="directory">/tools</filename> directory
+  and all the files therein, thus exposing these files to possible malicious
+  manipulation.</para>
+  <para>To avoid this issue, add the <systemitem class="username">lfs</systemitem>
+  user to the new LFS system later when creating the
+  <filename>/etc/passwd</filename> file, taking care to assign it the same user
+  and group IDs as on the host system. Alternatively, assign the contents of
+  the <filename class="directory">/tools</filename> directory to user
+  <systemitem class="username">root</systemitem> by running the following
+  command:</para>
 <screen><userinput>chown -R 0:0 /tools</userinput></screen>
+<para>The command uses <parameter>0:0</parameter> instead of
+<parameter>root:root</parameter>, because <command>chown</command>
+is unable to resolve the name <quote>root</quote> until the password
+file has been created. This book assumes you ran this
+<command>chown</command> command.</para>
+  <para>The command uses <parameter>0:0</parameter> instead of
+  <parameter>root:root</parameter>, because <command>chown</command>
+  is unable to resolve the name <quote>root</quote> until the
+  <filename>passwd</filename> file has been created.</para>
 </sect1>

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset e6ab4b5 for chapter06/changingowner.xml

Legend:

chapter06/changingowner.xml

Download in other formats: