lfs/chapter06/changingowner.xml

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
  "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
  <!ENTITY % general-entities SYSTEM "../general.ent">
  %general-entities;
]>

<sect1 id="ch-system-changingowner">
  <?dbhtml filename="changingowner.html"?>

  <title>Changing Ownership</title>

  <para>Currently, the <filename class="directory">/tools</filename> directory
  is owned by the user <systemitem class="username">lfs</systemitem>, a user
  that exists only on the host system. Although the <filename
  class="directory">/tools</filename> directory can be deleted once the LFS
  system has been finished, it can be retained to build additional LFS systems.
  If the <filename class="directory">/tools</filename> directory is kept as is,
  the files are owned by a user ID without a corresponding account. This is
  dangerous because a user account created later could get this same user ID
  and would own the <filename class="directory">/tools</filename> directory
  and all the files therein, thus exposing these files to possible malicious
  manipulation.</para>

  <para>To avoid this issue, add the <systemitem class="username">lfs</systemitem>
  user to the new LFS system later when creating the
  <filename>/etc/passwd</filename> file, taking care to assign it the same user
  and group IDs as on the host system. Alternatively, assign the contents of
  the <filename class="directory">/tools</filename> directory to user
  <systemitem class="username">root</systemitem> by running the following
  command:</para>

<screen><userinput>chown -R 0:0 /tools</userinput></screen>

  <para>The command uses <parameter>0:0</parameter> instead of
  <parameter>root:root</parameter>, because <command>chown</command>
  is unable to resolve the name <quote>root</quote> until the
  <filename>passwd</filename> file has been created.</para>

</sect1>