Ubuntu
ubuntu-docs package

  1. Bug #384148
  2. Comment #0

Comment 0 for bug 384148

Revision history for this message
sasha (sasha123-deactivatedaccount) wrote : Major bug in Console Security help page (affects all version)

Binary package hint: ubuntu-docs

Hi,

Just found few bugs in Console Security how-to located at https://help.ubuntu.com/9.04/serverguide/C/console-security.html.

Bugs are related to GRUB Password Security how-to and affect all versions of documentation.

1. First of all there should be a note that "password --md5 pass" string has not to be located under the title item but in a global area.
2. The string "# lockalternative=false" confused me, it is necessary to note that string has not to be copied without hash char. It has to be edited as "# lockalternative=true" because it as a template for grub-update scripts.
3. !!!This is a major bug!!! After editing lockalternative to true it is necessary to put "lock" parameter under the title with recover mode as follows:

title Ubuntu 9.04, kernel 2.6.xx-x-generic (recovery mode)
lock
uuid xxx
kernel /boot/vmlinuz-2.6.xx-x-generic root=UUID=xxx ro single
initrd /boot/initrd.img-2.6.xx-x-generic

4. !!!It is necessary to note, that lock parameter which has been added in the item 3 will not be modified by grub-update script(in case of kernel upgrade and other changes) because of "# lockalternative=true". Without "# lockalternative=true" single user mode will be unlocked on next grub-update.

BTW, do we need to add lock parameter each time to the new title with a new kernel?