Re: password protecting lilo

Illo de' Illis 3 Jul 1999 07:01:41 -0000

On Sat, Jul 03, 1999 at 02:51:50AM -0000, Pollywog wrote:
> How does one actually password protect lilo?
> In the man page, this is mentioned but no examples are given, so all I know is
> that the word "restricted" goes someplace in lilo.conf and then
> password=<password> but .... should I then chmod 600 lilo.conf?  If not, the
> password will just be there for all to see.


Since the password must be written in plain ASCII you _must_ set the lilo.conf
permissions to 0600. You can protect with <password=....> all the images (by
putting it before the image sections) or protect every single image by
inserting it in each image section. The <restricted> flag means that LILO will
ask the user for a password only if the user has added some kernel options
along with the image label. Here are some examples:

1. Protect every image with a password:
boot=/dev/hda
root=/dev/hda1
install=/boot/boot.b
map=/boot/map
vga=normal
delay=0
password=foobar
image=/boot/bzImage-2.3.9
        label=dev
        append="video=pm2fb:mode:1024x768-illo,font:SUN12x22,ypan"
        read-only
image=/boot/bzImage-2.2.10
        label=stable
        append="video=pm2fb:mode:1024x768-illo,font:SUN12x22,ypan"
        read-only

2. Protect two single images with different passwords:
boot=/dev/hda
root=/dev/hda1
install=/boot/boot.b
map=/boot/map
vga=normal
delay=0
image=/boot/bzImage-2.3.9
        label=dev
        password=foo
        append="video=pm2fb:mode:1024x768-illo,font:SUN12x22,ypan"
        read-only
image=/boot/bzImage-2.2.10
        label=stable
        password=bar
        append="video=pm2fb:mode:1024x768-illo,font:SUN12x22,ypan"
        read-only

3. Protect the images with a password, but the unstable kernel can be loaded
   without specifying the password iff there's no request for kernel
   options (i.e. 's', boot in single user mode).
boot=/dev/hda
root=/dev/hda1
install=/boot/boot.b
map=/boot/map
vga=normal
delay=0
password=foobar
image=/boot/bzImage-2.3.9
        label=dev
        restricted
        append="video=pm2fb:mode:1024x768-illo,font:SUN12x22,ypan"
        read-only
image=/boot/bzImage-2.2.10
        label=stable
        append="video=pm2fb:mode:1024x768-illo,font:SUN12x22,ypan"
        read-only

Ciao,
Illo.
 

-- 
----------------------------------------------------------------------------
Ilario Nardinocchi, [EMAIL PROTECTED] - Computer Science Adept since 1982
                    [EMAIL PROTECTED] 
                    
Know-nothing-bozo rule:
The views expressed above are entirely mine and do not represent the views,
policy or understanding of any other person or official body.
----------------------------------------------------------------------------

Re: password protecting lilo

Reply via email to