Onward branch

Kevin Day thekevinday at gmail.com
Sun Oct 19 08:57:47 PDT 2008


On Sat, Oct 18, 2008 at 6:49 PM, Robert Connolly
<robert at linuxfromscratch.org> wrote:
> If it's possible, I want to install boot scripts to /tools/etc, tell Grub to
> use /tools/bin/init, so when we reboot / is basically empty and we start off
> on the right foot. This avoids overwriting files on /, and lets us set up
> directory and file ownerships so root owns as little as possible. We can't
> really set ownerships on the temporary host because uids probably won't be
> the same.
>
> LFS and CLFS uses some hard coded paths, like /sbin/udevd. There's probably a
> reason for this, but since /tools/bin/udevd is the only udevd we have it
> shouldn't be a problem to use the udevd in $PATH. Or have PATH=/tools/bin
> just for the boot scripts, and PATH=/bin:/usr/bin:/tools/bin for the login
> user.
>
> So I think we need a special set of boot scripts for /tools. Minimal, like
> CLFS's install-minimal, but with network as an option.
>
> We should also start talking about users and groups.
>
> User "admin": owner of most of the filesystem.
>
> Group "bin": has group write permission on most of the filesystem.
>
> User "installer": is in the bin group, used to install packages, but can't
> overwrite files owned by the admin user. Installed packages have their
> ownership changed to user admin.

I have been looking at and starting to use sticky bits to enforce
group permissions so that files installed into that directory will
have the appropriate group set.

There are some problems I noticed, some applications like tar will
overwrite the set sticky-bit group with one of its own choice
(normally the group of the user extracting the file).

Also, are you going to put the list of groups, permissions, and init
script requirements on a list somewhere such as the wiki or a text
file in your onward directory?

>
> Also, if it's possible, straight off the reboot, I want agetty to run as
> non-root. Maybe not today, but it's something to keep in mind. The rebooted
> temporary system should be 100% hardened. This can be done in the boot
> scripts with execcap and/or Debian's runas program.
>

I am pretty sure the agetty user would have to be able to read the
/etc/shadow (actually, how about /tools/etc/shadow ?)
So, is it possible to make a shadow group and put the agetty user with
read permissions?
This would then leave how the agetty user would switch over to the new user.

-- 
Kevin Day



More information about the hlfs-dev mailing list