7.3.5. Copy required libraries
bash# cp /lib/libnss_files.so.2 ~/staging/lib
bash# strip --strip-unneeded ~/staging/lib/*
7.3.6. Set directory and file permissions
Set minimal privileges on all files and directories under ~/staging. Everything is owned by the root user
and the root group. Permissions are read-write for the owner and read-only for the group. Exceptions to the
blanket permissions are handled case by case.
bash# cd ~/staging
bash# chown -R 0:0 ~/staging/*
bash# chmod -R 640 ~/staging/*
Set execute permission on all directories. (Note the capital "X", which applies execute only to directories
and to files that already have an execute bit set.)
bash# chmod -R +X ~/staging/*
Files in /bin are read and execute for all, but su is an exception.
bash# chmod 755 ~/staging/bin/*
bash# chmod 4750 ~/staging/bin/su
Files in /dev have various permissions. Disk devices should be accessible to administrators only. Other files
like /dev/null should be readable and writable by everyone.
bash# chmod 660 ~/staging/dev/fd0 ~/staging/dev/ram0
bash# chmod 666 ~/staging/dev/null
bash# chmod 622 ~/staging/dev/console
bash# chmod 600 ~/staging/dev/initctl
bash# chmod 622 ~/staging/dev/tty
bash# chmod 622 ~/staging/dev/tty?
The passwd and group files must be world readable.
bash# chmod 644 ~/staging/etc/passwd
bash# chmod 644 ~/staging/etc/group
The scripts in /etc/init.d are read and execute for administrators.
bash# chmod 750 ~/staging/etc/init.d/*
Libraries need read and execute permissions for everyone.
bash# chmod 755 ~/staging/lib/*
Only root should have access to the /root directory.
bash# chmod 700 ~/staging/root
Make files in /sbin read and execute for administrators.
bash# chmod 750 ~/staging/sbin/*
Temp should be read-write for all with the sticky bit set.
bash# chmod 1777 ~/staging/tmp
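One way to check the staging tree against the modes set in this section before building the image, as an added example that is not part of the original guide. The function name audit_staging and its report labels are hypothetical, it assumes GNU stat and find, and the optional UID and GID arguments default to 0 as the section requires.

```sh
#!/bin/sh
# Added example (not from the guide): audit a staging tree against section 7.3.6.
# Assumes GNU stat and find. Usage: sh audit.sh DIR [UID] [GID]

# Individual paths (relative to the staging root) and the modes the section assigns.
EXPECTED='bin/su 4750
dev/null 666
dev/console 622
dev/initctl 600
etc/passwd 644
etc/group 644
root 700
tmp 1777'

# Prints one line per deviation; returns 0 when the tree is clean, 1 otherwise.
audit_staging() {
    root=$1 uid=${2:-0} gid=${3:-0} rc=0

    while read -r path want; do
        if [ ! -e "$root/$path" ]; then
            echo "MISSING $path"; rc=1
        elif [ "$(stat -c %a "$root/$path")" != "$want" ]; then
            echo "MODE $path is $(stat -c %a "$root/$path"), want $want"; rc=1
        fi
    done <<EOF
$EXPECTED
EOF

    # su is the only setuid/setgid file the section creates.
    out=$(find "$root" -type f -perm /6000 ! -path "$root/bin/su")
    [ -z "$out" ] || { echo "SETID $out"; rc=1; }

    # World-writable entries are expected only under dev/ and at tmp.
    out=$(find "$root" -mindepth 1 ! -type l -perm -0002 \
          ! -path "$root/dev/*" ! -path "$root/tmp")
    [ -z "$out" ] || { echo "WORLD-WRITABLE $out"; rc=1; }

    # Everything is owned by the root user and the root group (0:0 by default).
    out=$(find "$root" -mindepth 1 \( ! -user "$uid" -o ! -group "$gid" \))
    [ -z "$out" ] || { echo "OWNER $out"; rc=1; }

    return $rc
}

# Run the audit when a directory is given on the command line.
[ $# -eq 0 ] || audit_staging "$@"
```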
Pocket Linux Guide
Chapter 7. Enabling Multiple Users 39