Musl Linux From Scratch - Version 1.0-musl

Chapter 7. Entering Chroot and Building Additional Temporary Tools

7.2. Changing Ownership

[Note]

Note

The commands in the remainder of this book must be performed while logged in as user root and no longer as user lfs. Also, double check that $LFS is set in root's environment.

Currently, the whole directory hierarchy in $LFS is owned by the user lfs, a user that exists only on the host system. If the directories and files under $LFS are kept as they are, they will be owned by a user ID without a corresponding account. This is dangerous because a user account created later could get this same user ID and would own all the files under $LFS, thus exposing these files to possible malicious manipulation.

To address this issue, change the ownership of the $LFS/* directories to user root by running the following command: 

chown --from lfs -R root:root $LFS/{usr,var,etc,tools}
case $(uname -m) in
  x86_64) chown --from lfs -R root:root $LFS/lib64 ;;
esac

The following is a helper script to enter and exit the chroot environment, aids in mounting and un-mounting the virtual filesystems. 

cat > $LFS/sbin/musl-lfs-chroot << "EOF"
#!/bin/bash
zprint() { echo -e "\033[1;32m *** $1 *** \033[0m"; }
stars() { printf '%.0s*' {1..100}; printf '\n'; }

LFS=${LFS:-/mnt/lfs}
LFS_TGT=${LFS_TGT:-$(uname -m)-lfs-linux-musl}
LC_ALL=POSIX

chroot_pre() {
  stars
  zprint " === Mounting Virtual Kernel Filesystems === "
  mkdir -pv $LFS/{dev,proc,sys,run}
  mount -v --bind /dev $LFS/dev
  mount -vt devpts devpts -o gid=5,mode=0620 $LFS/dev/pts
  mount -vt proc proc $LFS/proc
  mount -vt sysfs sysfs $LFS/sys
  mount -vt tmpfs tmpfs $LFS/run
  if [ -h $LFS/dev/shm ]; then
    install -v -d -m 1777 $LFS$(realpath /dev/shm)
  else
    mount -vt tmpfs -o nosuid,nodev tmpfs $LFS/dev/shm
  fi
  if [ ! -f $LFS/etc/resolv.conf ]; then
    printf "nameserver 1.1.1.1\nnameserver 8.8.8.8\n" > $LFS/etc/resolv.conf
  fi
  stars
}

chroot_exec() {
  stars
  zprint " === Entering Chroot $LFS === "
  /usr/sbin/chroot "$LFS" \
  /usr/bin/env -i HOME=/root TERM="$TERM" \
  PS1='($?) (LFS chroot) \u:\w\$ ' \
  PATH=/usr/bin:/usr/sbin \
  MAKEFLAGS="-j$(nproc)" \
  TESTSUITEFLAGS="-j$(nproc)" \
  /bin/bash --login
  zprint " === Welcome Back === "
  stars
}

check_unmount() { mountpoint -q "$1" && umount -v "$1"; }

chroot_post() {
  stars
  zprint " === Un-Mounting Virtual Kernel Filesystems === "
  check_unmount $LFS/sys/firmware/efi/efivars
  check_unmount $LFS/dev/pts
  check_unmount $LFS/dev/shm
  check_unmount $LFS/dev
  check_unmount $LFS/run
  check_unmount $LFS/proc
  check_unmount $LFS/sys
  stars
}
stars

# checks if directory exists
[ ! -d $LFS ] && { zprint "Error $LFS is not a mountpoint"; exit 1; }

# mounts virtual kernel filesystems
chroot_pre

# enters the new root environment
chroot_exec

# cleans up the virtual kernel filesystems
chroot_post

stars
EOF

chmod -v +x $LFS/sbin/musl-lfs-chroot

The last command will make it executabnle and allow you to enter and exit your new lfs environment with ease. By $LFS/sbin/musl-lfs-chroot.