Red Hat Bugzilla – Bug 882721
grub2 an passwords broken
Last modified: 2013-01-29 17:14:36 EST
will we ever get this dumb behavior fixed that grub2-mkconfig does NOT include --unrestricted or grub2 NOT incorrectly requests the password on a UNATTENDED boot?
Am 03.12.2012 00:15, schrieb Kevin Fenzi:> On Sun, 02 Dec 2012 23:36:58 +0100
> Reindl Harald <email@example.com> wrote:
>> grub2 in fedora is crap
> I'm not the grub2 maintainer, but personally I would ask you for a
> more understandable report. What did you want to happen? What happened?
> Whats your config?
> Perhaps expanding on your bug report would get it more attention?
the same password protection for the bootloader which was possible
for dacades with "grub-legacy" - request the password if someone
is touching the boot-entry but leave the user in peace for a
password_pbkdf2 root grub.pbkdf2.sha512.10000.*********************
results in a password request every time
menuentry 'Fedora (3.6.8-2.fc17.x86_64)' --unrestricted --class fedora --class gnu-linux
brings back the behavior only request a password if you try to boot
as example in single-user-mode or modify any kernel-param
"--unrestricted" is the key to bring back this behavior
this was NOT the case for all grub2-releases
it is a MAJOR DEGRADE of a bootloader having problems to secure
it with a password because it is HARDLY needed if you want to be
sure that nobody bypass your boot-configuration after you made
sure your BIOS settings are protected with a password and boot
from any external media is disallowed
*** This bug has been marked as a duplicate of bug 840160 ***