8.5. Changing Ownership

Currently, the /tools and /cross-tools directories are owned by the user clfs, a user that exists only on the host system. Although /tools and /cross-tools can be deleted once the CLFS system has been finished, they can be retained to build additional CLFS systems. If the /tools and /cross-tools directories are kept as is, the files are owned by a user ID without a corresponding account. This is dangerous because a user account created later could get this same user ID and would own these directories and all the files therein, thus exposing those files to possible malicious manipulation.

One possible fix for this issue might be to add the clfs user to the new CLFS system later when creating the /etc/passwd file, taking care to assign it the same user and group IDs as on the host system. Alternatively, assign the contents of the /tools and /cross-tools directories to user root by running the following commands:

chown -Rv 0:0 /tools
chown -Rv 0:0 /cross-tools

The commands use 0:0 instead of root:root, because chown is unable to resolve the name “root” until the passwd file has been created.