On 2/8/07, Tim <ignored_mailbox@xxxxxxxxxxxx> wrote:
On Thu, 2007-02-08 at 13:05 +0400, Rakhesh Sasidharan wrote: > How can one setup a system to ask for the root password to get into > single user mode? Well, you can harden a box, somewhat, against meddlers by setting a BIOS admin password, so they can't change BIOS settings without it, and ensuring that the PC can only boot from your hard drive. Also, set a GRUB password, so they can't change boot up parameters without it. I tend to add another stanza to grub.conf for booting from a floppy, though with a "lock" parameter, so a password is required to do so. Unfortunately, our current version of GRUB doesn't let you boot from CD-ROMs, nor other devices (that I'm aware of).
Oh ok. I got the impression from Manuel's post earlier that its possible to have init ask you for a password before dropping you into single user bash. The BIOS and GRUB methods I was aware of, but from his explanations (replacing init itself while startup by passing an argument init=/bin/bash to the kernel while booting) made me think there was some way of making init ask for a password ... Didn't know about the "lock" parameter. Interesting info ... Thanks!
