On 07/03/13 08:49, Sergio Ballestrero wrote: > > On 7 Mar 2013, at 05:12, g wrote: > >> greetings. >> >> system is an install of sl6.3 i386 from a livedvd. >> >> during attempt to create another 'livedvd 2 usb', i have run into an >> interesting problem after getting knocked out of grub booting. >> >> long story to short, booted 6.3 livecd installation. >> >> mount /dev/sdb2 -t ext4 /media/livedvd >> cd /media/livedvd/etc >> >> removed passwords from '/etc/shadow', >> >> cd /boot/grub >> >> modified '/boot/grub/grub.conf' to include 'livedvd' @ hd1,1. >> >> ran; >> >> grub-install /dev/sda >> >> then rebooted system. >> >> now, i can boot into livedvd installation, but i can not restore >> passwords. >> >> attempts where made from level 5, down to level 1. all failed with >> error message; >> >> passwd: Authentication token manipulation error. >> >> so how do i go about setting passwords back? > > try to replace it (use chroot and passwd) instead of just removing it. > > also, you may not need the live CD, just boot with init=/bin/bash and > then mount -oremount,rw / > So much for security if you haven't set a grub password ;-)
Grub passwords won't safeguard you against LiveCD's and chroot though ... But encrypting the filesystem which contains /etc will help you out there. On the other hand, if this is a server installation this usually isn't a problem. Servers are usually installed in a server room with (hopefully) limited access. On workstations and (in particular) laptops, encrypted root filesystem is the best solution. -- kind regards, David Sommerseth
