diff options
| author | Gerard Beekmans <gerard@linuxfromscratch.org> | 2005-02-19 22:16:42 +0000 |
|---|---|---|
| committer | Gerard Beekmans <gerard@linuxfromscratch.org> | 2005-02-19 22:16:42 +0000 |
| commit | 81fd230419b0cfd052b08fc1ed352bb7d49975df (patch) | |
| tree | 24c98d2876e5b457dcb88d39e7cca4905f58691a /chapter06/changingowner.xml | |
| parent | 2f9131f8390243dbc350fe2eeb9e1d58f0264888 (diff) | |
Trunk is now identical to Testing
git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@4648 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689
Diffstat (limited to 'chapter06/changingowner.xml')
| -rw-r--r-- | chapter06/changingowner.xml | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/chapter06/changingowner.xml b/chapter06/changingowner.xml index 9d53404f6..a22e199c5 100644 --- a/chapter06/changingowner.xml +++ b/chapter06/changingowner.xml @@ -7,8 +7,34 @@ <title>Changing Ownership</title> <?dbhtml filename="changingowner.html"?> -<para>Change the owner of <filename class="directory">/tools</filename>:</para> +<para>Currently, the <filename class="directory">/tools</filename> +directory is owned by the user <emphasis>lfs</emphasis>, a user that +exists only on the host system. Although the <filename +class="directory">/tools</filename> directory can be deleted once the +LFS system has been finished, it can be retained to build additional +LFS systems. If the <filename class="directory">/tools</filename> +directory is kept as is, the files are owned by a user ID without a +corresponding account. This is dangerous because a user account +created later could get this same user ID and would own the <filename +class="directory">/tools</filename> directory and all the files +therein, thus exposing these files to possible malicious +manipulation.</para> + +<para>To avoid this issue, add the <emphasis>lfs</emphasis> user to +the new LFS system later when creating the +<filename>/etc/passwd</filename> file, taking care to assign it the +same user and group IDs as on the host system. Alternatively, assign +the contents of the <filename class="directory">/tools</filename> +directory to user <emphasis>root</emphasis> by running the following +command:</para> <screen><userinput>chown -R 0:0 /tools</userinput></screen> +<para>The command uses <parameter>0:0</parameter> instead of +<parameter>root:root</parameter>, because <command>chown</command> +is unable to resolve the name <quote>root</quote> until the password +file has been created. This book assumes you ran this +<command>chown</command> command.</para> + </sect1> + |