You are not logged in.
Pages: 1
Topic closed
Hi to everyone.
I have GRUB2 installed on my system, but I want to put one password in GRUB for to prevent than anybody can to manipulate it.
Somebody can help me ?
Last edited by Ravenman (2010-04-30 17:14:33)
Offline
What is the problem with this?
Got Leenucks? :: Arch: Power in simplicity :: Get Counted! Registered Linux User #392717 :: Blog thingy
Offline
What is the problem with this?
Taked from Ubuntu Forums:
RTFM [and] "Go look on google" are two inappropriate responses to a question. If you don't know the answer or don't wish to help, please say nothing instead of brushing off someone's question. Politely showing someone how you searched or obtained the answer to a question is acceptable, even encouraged.
...
If you wish to remind a user to use search tools or other resources when they have asked a question you feel is basic or common, please be very polite. Any replies for help that contain language disrespectful towards the user asking the question, i.e. "STFU" or "RTFM" are unacceptable and will not be tolerated.
The problem with your "HELP" is: all the found information it's about Debian or derivatives, and the command update-grub it isn't in Arch Linux.
Offline
@ravenman
Uhh, he didn't say STFU or RTFM, he just put out a google search for you. No need to get too angry.
Also, I don't see an update-grub command in this article.
Offline
@ravenman
Uhh, he didn't say STFU or RTFM, he just put out a google search for you. No need to get too angry.Also, I don't see an update-grub command in this article.
Are you sure ?
1. The .:B:.'s help means "Go look on google".
2. At the end of 4. Setting Up Password Protection, I can read: Save the files, run "sudo update-grub", and reboot..
Offline
Ah, I see. Have you tried following all of the steps up to the update-grub steps? Maybe that will enable update-grub or something.
Offline
The relevant section of http://ubuntuforums.org/showthread.php?t=1369019 is "2. How it works". There you have an example of a grub.cfg file with password protection enabled. You're not supposed to edit this file manually, but instead to create it automatically using the scripts / config files in /etc/grub.d. The rest of the how-to is about how to change those config files such that update-grub creates the desired grub.cfg.
However, nothing prevents you from editing grub.cfg directly, and in this situation that seems a lot easier, at least for the sake of figuring out how things work.
Here's a simplified version of the grub.cfg example:
set superusers="user1"
password user1 password1
menuentry "GNU/Linux" --users user1 {
set root=(hd0,1)
linux /vmlinuz
}
Disclaimer: I don't use grub2, so I cannot test this, and this thread doesn't make me want to use it any time soon.
Good ideas do not need lots of lies told about them in order to gain public acceptance.
Offline
Just tested grey solution and it works.
The "--users user1" part is not needed if your goal is just to protect from boot-time editing.
@grey: I've been using grub2 for month now and it worked flawlessly so far. What's wrong with it for you ?
Carpe Diem
Offline
@NSB-fr: it just seems more complicated to set things up than with grub-legacy and I don't see the benefit since I only have straightforward primary / extended partitions.
Last edited by grey (2010-04-30 12:14:56)
Good ideas do not need lots of lies told about them in order to gain public acceptance.
Offline
Big quote from the Ubuntu forums
Well you're wrong. These are not the Ubuntu forums. Even if you did a search (which we expect our users to do, since, again, these are *not* the Ubuntu forums), you did not mention it, so I cannot assume you did. If you did, you should have mentioned; if you did not, you should have searched the internet first .
I'm sure you're familiar with the philosophy behind Arch. Act accordingly.
The problem with your "HELP" is: all the found information it's about Debian or derivatives, and the command update-grub it isn't in Arch Linux.
As other people demonstrated in this same thread, my simple google query does yield relevant results. Surely a Debian/Ubuntu-centered explanation will, at a certain point, get you stuck on a command or a file or a service (add whatever you want to that list). However, it's at that very moment that you show initiative - by trying, by testing, by fiddling; by being an Arch user.
Got Leenucks? :: Arch: Power in simplicity :: Get Counted! Registered Linux User #392717 :: Blog thingy
Offline
I think update-grub should be the same like `grub-mkconfig -o /boot/grub/grub.cfg` which exists also in Arch Linux. It generates a new grub.cfg file.
Offline
Hi to everyone:
This is the solution:
In the command line, run this command:
[root@test ~]# grub-mkpasswd-pbkdf2
The console will shows this:
[root@test ~]# grub-mkpasswd-pbkdf2
Enter password:
Reenter password:
After from joined the password, the system shows something like this:
[root@test ~]# grub-mkpasswd-pbkdf2
Enter password:
Reenter password:
Your PBKDF2 is grub.pbkdf2.sha512.10000.706A070CD168B759801D2790C6D48D5C3842B9165CF08600918CD9A496B6BFF9CD9BB8F7C99DEC431DF3AD0D466709ECE041FC00C5C1B58F00A879E0322959B7.6FC5058001DFFC1CD6B35F9A5DA66ED6C8745E4999E064E712C9BF302E8F2547CD0B591C33A340F229FD79D2252E23CFC41410C9A3300537E54C9CE6F7008100
After, we edit the /boot/grub/grub.cfg file and write this at the top:
#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by /sbin/grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#
set superusers="testuser"
password_pbkdf2 testuser grub.pbkdf2.sha512.10000.706A070CD168B759801D2790C6D48D5C3842B9165CF08600918CD9A496B6BFF9CD9BB8F7C99DEC431DF3AD0D466709ECE041FC00C5C1B58F00A879E0322959B7.6FC5058001DFFC1CD6B35F9A5DA66ED6C8745E4999E064E712C9BF302E8F2547CD0B591C33A340F229FD79D2252E23CFC41410C9A3300537E54C9CE6F7008100
Save the file, reboot your system and test if works.
Thanks to everyone for your attention and help. Until the next.
Offline
Nice one, I must say. Just used it on my box earlier
Offline
Thanks.
Offline
What to do if I only want to protect a specific option? For example the option "E" of the boot.
Offline
What to do if I only want to protect a specific option? For example the option "E" of the boot.
One thing you don't do is to bump a 13-year old solved thread. This is considered a necrobump, and it is against our rules.
Instead, start a new topic (which you can marked solved when you find a solution) and link back to this one if you think it still applies.
Closing.
Offline
Pages: 1
Topic closed