GRUB settings during 11.3 install not honoured

I recently installed 11.3 from the network install CD and I wanted to configure GRUB to have a boot password. I went into the necessary options and enabled the password and saved. I went back in to confirm it stuck, and the password option was unchecked and the password was blanked.

I re-entered the information and just carried on. The installation summary didn’t mention any password being applied to GRUB, but I just kept on going. Sure enough, there is no password on boot with GRUB now.

I tried this over multiple installs in the past couple days, as well as with the 11.2 network install CD, and on no install was the password option honoured.

So is this normal behaviour? Is the password purposely disabled, or is this a bug of the installer?

I found instructions on how to do this manually here at the following link:

How To Password Protect GRUB Entries (Linux)

I tried it out and it does work, but the grub menu can not display the graphic menu when a password must be entered. It would keep you out perhaps without the password, but once in, anyone who knows the root user password could remove this from the grub menu.lst file. Further, anyone with a Linux boot disk could go in and remove this stuff as well. But, if you wish to proceed, you can do so with this information.

Thank You,

I couldn’t help but notice in your signature section that you have the 2.6.36.1 kernel. Does that come with the 64-bit version of 11.3 or did you upgrade that yourself? I’m installing openSUSE 11.3 x64 on my laptop tonight, and would love to know how to upgrade the kernel. I did a cursory Google search but didn’t find anything that satisfied my query.

On a side note, I just added the “password --md5 <hash>” entry to my menu.lst file and I’m still able to use grub commands without a password. I wonder if I’m doing something wrong or if it really doesn’t jive with the password protection thing.

Thanks!

spsalsm I couldn’t help but notice in your signature section that you have the 2.6.36.1 kernel. Does that come with the 64-bit version of 11.3 or did you upgrade that yourself? I’m installing openSUSE 11.3 x64 on my laptop tonight, and would love to know how to upgrade the kernel. I did a cursory Google search but didn’t find anything that satisfied my query.

On a side note, I just added the “password --md5 <hash>” entry to my menu.lst file and I’m still able to use grub commands without a password. I wonder if I’m doing something wrong or if it really doesn’t jive with the password protection thing.

Thanks!
There is a script for that and it is located here and read message #31 for the most recent version.

S.A.K.C - SuSE Automated Kernel Compiler

You need to go here to fetch the kernel you wish to use. I do suggest to anyone new to stick with a final kernel release like Kernel version 2.6.36.1 as it is not beta and very stable.

The Linux Kernel Archives

Make sure to adjust a new parameter in the script to the number of CPU’s you have installed (1, 2, 4) before you save the file. This is just a standard text file you create with the text I post online. Be careful to not change anything except for the option I mention. For instance one user complained about a problem in line 117, but the actual problem was an extra line return he put in the middle of one of the commands by accident.

The script, except as allowed, should be exactly as shown online here. Once saved in your home bin folder, you must mark it executable. You can ask more questions if anything does not make sense. A kernel compile can take a long time, up to an hour. It will modify your grub menu.lst file and add a new option. If you are loading the ATI or nVidia driver, it must be reloaded anytime you update or install a new kernel.

Thank You,

On 2010-11-26 22:36, jdmcdaniel3 wrote:

> I tried it out and it does work, but the grub menu can not display the
> graphic menu when a password must be entered. It would keep you out
> perhaps without the password, but once in, anyone who knows the root
> user password could remove this from the grub menu.lst file.

Obviously. Don’t give that password to anyone - if needed, configure sudo
to require user password (not the target user).

> Further,
> anyone with a Linux boot disk could go in and remove this stuff as well.

For that, you add a bios config password :wink:

And a hardware lock, and hire some guns :wink:


Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)