Hide Forgot
Description of problem: Unlike in previous Fedora releases featuring grub 0.9x, recent releases of Fedora do not provide a means of protecting system boot options with a password specified during installing the system. Version-Release number of selected component (if applicable): anaconda-25.20.1-1.fc25 How reproducible: Always Steps to Reproduce: 1. Install Fedora 25 using a recent install media. Actual results: At no point, the installer allows the user to add password protection for the system boot options. Expected results: Like in previous releases featuring grub 0.9x, a password for protecting the system boot options can be specified. Additional info: Since password protection for the system boot options can be set up for an installed system following official Fedora documentation material, no technical reason appears to prohibit anaconda from incorporating this security measure. From a user's point of view, password protection of the system boot options looks like a fundamental security feature. The lack of this feature implies that the present default password protection of run-level 1 is absolutely useless.
Fedora 25 changed to end-of-life (EOL) status on 2017-12-12. Fedora 25 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.
Issue is still present for all of Fedora 26, 27, and 28.
This message is a reminder that Fedora 26 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 26. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '26'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 26 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
Hi, I think that you can set up the password in a kickstart file with the --password option of the bootloader command. See: http://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#bootloader
(In reply to Vendula Poncova from comment #4) Before moving to GRUB2, the graphical installer offered the hard-to-overlook possibility to enable a password protection for GRUB and to set the corresponding password. The suggested workaround is rather suitable for "experts". Normal users may not even realize that the omission of a boot-loader password leaves their system vulnerable to intrusion by persons who have physical access to their system. Moreover, customizing a kickstart file is certainly more complicated than simply setting a boot-load password after finishing the install procedure.
This message is a reminder that Fedora 27 is nearing its end of life. On 2018-Nov-30 Fedora will stop maintaining and issuing updates for Fedora 27. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '27'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 27 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
Fedora 27 changed to end-of-life (EOL) status on 2018-11-30. Fedora 27 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.
Issue is still present for all of Fedora 28, 29, and 30 (Rawhide).
This message is a reminder that Fedora 28 is nearing its end of life. On 2019-May-28 Fedora will stop maintaining and issuing updates for Fedora 28. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '28'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 28 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
Fedora 28 changed to end-of-life (EOL) status on 2019-05-28. Fedora 28 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.
Hi Joachim, we are not going to implement this feature in the current UI. The password is supported only by GRUB, so the UI element would have to be disabled for other types of bootloaders. Usually, we are trying to avoid this kind of UI elements, because it is difficult to test them and the code is prone to errors. The current UI design also doesn't provide a good place for bootloader-specific options like this one.