blob: 3c39e4214811de8358058eb7cf2c141f86660b66 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % general-entities SYSTEM "../general.ent">
%general-entities;
]>
<sect1 id="ch-tools-changingowner">
<?dbhtml filename="changingowner.html"?>
<title>Changing Ownership</title>
<note>
<para>The commands in the remainder of this book must be performed while
logged in as user <systemitem class="username">root</systemitem> and no
longer as user <systemitem class="username">lfs</systemitem>. Also, double
check that <envar>$LFS</envar> is set in <systemitem
class="username">root</systemitem>'s environment.</para>
</note>
<para>Currently, the whole directory hierarchy in <filename
class="directory">$LFS</filename>
is owned by the user <systemitem class="username">lfs</systemitem>, a user
that exists only on the host system. If the directories under <filename
class="directory">$LFS</filename> are kept as they are, the files are
owned by a user ID without a corresponding account. This is dangerous because
a user account created later could get this same user ID and would own all
the files under <filename class="directory">$LFS</filename>, thus exposing
these files to possible malicious manipulation.</para>
<para>To address this issue, change the
ownership of the <filename class="directory">$LFS/*</filename> directories to
user <systemitem class="username">root</systemitem> by running the following
command:</para>
<screen><userinput>chown -R root:root $LFS/{usr,lib,var,etc,bin,sbin,tools}
case $(uname -m) in
x86_64) chown -R root:root $LFS/lib64 ;;
esac</userinput></screen>
</sect1>
|