Nowadays, /etc/grub.d/40_custom provides a nice place for the "set
superusers" and "password*" commands
But that's not sufficient, as it requires the allowed boot entries to
be marked --unrestricted, which no script appears to support yet.
I am adding myself --unrestricted to the CLASS definition
On Tue, 27 Oct 2009 14:43:36 +0100, Jeroen Massar wrote:
To just add a password which thus doesn't allow editing of boot
entries: 8<---
jeroen@purgatory:~$
cat /etc/grub.d/42_password
#!/bin/sh
exec tail -n +1 $0
# add a password so that grub e
It is not too hard to just have a password which blocks people from
editing the grub options (and thus let them do init=/bin/sh). That in
combo with a proper BIOS lock from booting from anything else but the
main disk will at least deter people from quickly changing the disk.
Of course as they have
3 matches
Mail list logo
