| blob | cef15f8baa6e17eff62a76806db4994aff7b6fe8 |
1 <?xml version="1.0" encoding="ISO-8859-1"?>
2 <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
3 <!ENTITY % general-entities SYSTEM "../general.ent">
4 %general-entities;
5 ]>
6 <sect1 id="ch-system-changingowner">
7 <title>Changing ownership</title>
8 <?dbhtml filename="changingowner.html"?>
10 <para>Right now the <filename class="directory">/tools</filename> directory
11 is owned by the user <emphasis>lfs</emphasis>, a user that exists only on your
12 host system. Although you will probably want to delete the
13 <filename class="directory">/tools</filename> directory once you have
14 finished your LFS system, you may want to keep it around, for example to
15 build more LFS systems. But if you keep the
16 <filename class="directory">/tools</filename> directory as it is, you end up
17 with files owned by a user ID without a corresponding account. This is
18 dangerous because a user account created later on could get this same user ID
19 and would suddenly own the <filename class="directory">/tools</filename>
20 directory and all the files therein, thus exposing these files to possible
21 malicious manipulation.</para>
23 <para>To avoid this issue, you could add the <emphasis>lfs</emphasis> user to
24 your new LFS system later on when creating the <filename>/etc/passwd</filename>
25 file, taking care to assign it the same user and group IDs as on your host
26 system. Alternatively, you can (and the book assumes you do) assign the
27 contents of the <filename class="directory">/tools</filename> directory to
28 user <emphasis>root</emphasis> by running the following command:</para>
30 <screen><userinput>chown -R 0:0 /tools</userinput></screen>
32 <para>The command uses <quote>0:0</quote> instead of <quote>root:root</quote>,
33 because <userinput>chown</userinput> is unable to resolve the name
34 <quote>root</quote> until the password file has been created.</para>
36 </sect1>