Package: grub-pc Version: 2.04-10 Severity: normal Dear Maintainer,
I'm using grub with a password set in /etc/grub.d/40_custom: #!/bin/sh exec tail -n +3 $0 set superusers="admin" password_pbkdf2 admin grub.pbkdf2.sha512..... With this setup, I would have to enter the grub password to boot, so I've been modifying /etc/grub.d/10_linux by hand to hardcode the option '--unrestricted' in the default entry for quite some time. I think it would be better for the long term to get a solution for that in the grub package. So, I've just made a patch to allow setting an option in /etc/default/grub to allow setting options to grub entries. There's one option for the default entry and one option for the others, as I guess setting the option per entry for all entry would be quite hard. Thanks, Arnaud
./util/grub.d/10_linux.in: Allow to set menuentry options Users restricting access according to https://www.gnu.org/software/grub/manual/grub/html_node/Authentication-and-authorisation.html may want to set options like '--users' or '--unrestricted'. While this code doesn't allow to set the options per menuentry, it allows to set the options only for the 'simple' entry and for all others. The new variables will be called GRUB_SIMPLE_MENUENTRY_OPTS and GRUB_MENUENTRY_OPTS. Signed-off-by: Arnaud Patard <apat...@hupstream.com> Index: grub2-2.04/util/grub-mkconfig.in =================================================================== --- grub2-2.04.orig/util/grub-mkconfig.in +++ grub2-2.04/util/grub-mkconfig.in @@ -249,7 +249,9 @@ export GRUB_DEFAULT \ GRUB_OS_PROBER_SKIP_LIST \ GRUB_DISABLE_SUBMENU \ GRUB_RECORDFAIL_TIMEOUT \ - GRUB_RECOVERY_TITLE + GRUB_RECOVERY_TITLE \ + GRUB_SIMPLE_MENUENTRY_OPTS \ + GRUB_MENUENTRY_OPTS if test "x${grub_cfg}" != "x"; then rm -f "${grub_cfg}.new" Index: grub2-2.04/util/grub.d/10_linux.in =================================================================== --- grub2-2.04.orig/util/grub.d/10_linux.in +++ grub2-2.04/util/grub.d/10_linux.in @@ -139,9 +139,9 @@ linux_entry () title_correction_code="${title_correction_code}if [ \"x\$default\" = '$quoted' ]; then default='$(echo "$replacement_title" | grub_quote)'; fi;" grub_warn "$(gettext_printf "Please don't use old title \`%s' for GRUB_DEFAULT, use \`%s' (for versions before 2.00) or \`%s' (for 2.00 or later)" "$GRUB_ACTUAL_DEFAULT" "$replacement_title" "gnulinux-advanced-$boot_device_id>gnulinux-$version-$type-$boot_device_id")" fi - echo "menuentry '$(echo "$title" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-$version-$type-$boot_device_id' {" | sed "s/^/$submenu_indentation/" + echo "menuentry '$(echo "$title" | grub_quote)' ${CLASS} ${GRUB_MENUENTRY_OPTS} \$menuentry_id_option 'gnulinux-$version-$type-$boot_device_id' {" | sed "s/^/$submenu_indentation/" else - echo "menuentry '$(echo "$os" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-simple-$boot_device_id' {" | sed "s/^/$submenu_indentation/" + echo "menuentry '$(echo "$os" | grub_quote)' ${CLASS} ${GRUB_SIMPLE_MENUENTRY_OPTS} \$menuentry_id_option 'gnulinux-simple-$boot_device_id' {" | sed "s/^/$submenu_indentation/" fi if [ "$quick_boot" = 1 ]; then echo " recordfail" | sed "s/^/$submenu_indentation/"