aboutsummaryrefslogtreecommitdiffstats
path: root/chapter07
diff options
context:
space:
mode:
Diffstat (limited to 'chapter07')
-rw-r--r--chapter07/changingowner.xml41
-rw-r--r--chapter07/chapter07.xml1
2 files changed, 42 insertions, 0 deletions
diff --git a/chapter07/changingowner.xml b/chapter07/changingowner.xml
new file mode 100644
index 000000000..43a902821
--- /dev/null
+++ b/chapter07/changingowner.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+ <!ENTITY % general-entities SYSTEM "../general.ent">
+ %general-entities;
+]>
+
+<sect1 id="ch-tools-changingowner">
+ <?dbhtml filename="changingowner.html"?>
+
+ <title>Changing Ownership</title>
+
+ <note>
+ <para>The commands in the remainder of this book must be performed while
+ logged in as user <systemitem class="username">root</systemitem> and no
+ longer as user <systemitem class="username">lfs</systemitem>. Also, double
+ check that <envar>$LFS</envar> is set in <systemitem
+ class="username">root</systemitem>'s environment.</para>
+ </note>
+
+ <para>Currently, the whole directory hierarchy in <filename
+ class="directory">$LFS</filename>
+ is owned by the user <systemitem class="username">lfs</systemitem>, a user
+ that exists only on the host system. If the directories under <filename
+ class="directory">$LFS</filename> are kept as they are, the files are
+ owned by a user ID without a corresponding account. This is dangerous because
+ a user account created later could get this same user ID and would own all
+ the files under <filename class="directory">$LFS</filename>, thus exposing
+ these files to possible malicious manipulation.</para>
+
+ <para>To avoid this issue, you could add the <systemitem
+ class="username">lfs</systemitem> user to the new LFS system later when
+ creating the <filename>/etc/passwd</filename> file, taking care to assign it
+ the same user and group IDs as on the host system. Better yet, change the
+ ownership of the <filename class="directory">$LFS/*</filename> directories to
+ user <systemitem class="username">root</systemitem> by running the following
+ command:</para>
+
+<screen><userinput>chown -R root:root $LFS/{usr,lib,var,etc,bin,sbin,lib64,tools}</userinput></screen>
+
+</sect1>
diff --git a/chapter07/chapter07.xml b/chapter07/chapter07.xml
index df740eaa5..ae5c9b7b3 100644
--- a/chapter07/chapter07.xml
+++ b/chapter07/chapter07.xml
@@ -11,6 +11,7 @@
<title>Entering Chroot and Building Additional Tools</title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="changingowner.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="kernfs.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="chroot.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="creatingdirs.xml"/>