I suppose password protecting grub will stop someone from booting
period, so it will keep them from booting into single user, but if they
figure a way past grub such as a grub boot disk ... Most people run
pretty much the defaults. It shouldn't take much guessing to figure out
the partitioning to mount and boot from. If you have physical,
unfettered, access to a box, it just isn't that hard to own it.
Fedeora and RedHat ( and I believe SuSE as well) don't password grub by
default, but they do put it right in your face during the install. You
have to make a choice one way or the other to continue the install.
The word "single" doesn't work with all Linux distros. I don't even know
if "most" covers it. With RedHat and Fedora and possibly others, using
the word "single" causes my Fedora system to freeze shortly into the
boot sequence. RedHat and Fedora use the numeral one (1).
Every SuSE box I've ever been on requires the root password to boot into
single user by default. I don't recall at the moment if SuSE uses the
word "single" or the numeral one. This is not a grub password, but the
system root password. I don't know offhand how many distros require this
by default, but I suspect the author of that blog entry doesn't actually
know either.
I haven't done it lately so I had to google it, but to enable the system
to require a password to come up in single user:
Add the below line at the end of /etc/inittab file.
~~:S:wait:/sbin/sulogin
and type the following command
#init q
This should enable the password for single-user mode.
Jim G
On Tue, 2009-08-18 at 22:02 -0700, James Tweet wrote:
> http://azerthoth.blogspot.com/search/label/Lessons%20Learned
>
>
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Tue Aug 18 22:56:09 2009
This archive was generated by hypermail 2.1.8 : Tue Aug 18 2009 - 22:56:09 AKDT