conf/170110: loader.conf bootmenu password prevents OS from loading
Vitaly Zakharov
ded3axap at gmail.com
Tue Jul 24 12:20:10 UTC 2012
>Number: 170110
>Category: conf
>Synopsis: loader.conf bootmenu password prevents OS from loading
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Jul 24 12:20:06 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Vitaly Zakharov
>Release: 9.0-RELEASE-p3
>Organization:
Positive Technologies
>Environment:
FreeBSD FBSD_9_0_i386 9.0-RELEASE-p3 FreeBSD 9.0-RELEASE-p3 #0: Tue Jul 24 12:31:53 MSK 2012 root at FBSD_9_0_i386:/usr/obj/usr/src/sys/GENERIC i386
>Description:
After adding a line
password="supersecret"
to /boot/loader.conf OS does not booting unless correct password is given.
In older versions of FreeBSD (I was tested 4.11, 5.5, 6.4, 7.4, 8.3) this setting will protect Boot Menu to prevent setting custom options on boot, but not to completely stopping OS booting.
This problem affects only FreeBSD 9.0.
>How-To-Repeat:
Add a line:
password="supersecret"
to /boot/loader.conf and reboot the machine.
After that you cannot load OS without typing correct password.
>Fix:
Add a line "0 autoboot" as first command in section "check-password" of /boot/check-password.4th:
: check-password ( -- )
0 autoboot
\ Exit if a password was not set
s" password" getenv dup -1 = if
drop exit
then
begin \ Loop as long as it takes to get the right password
s" Password: " \ Output a prompt for a password
read \ Read the user's input until Enter
2dup readval readlen @ compare 0= if
2drop exit \ Correct password
then
\ Bad Password
3000 ms
." loader: incorrect password" 10 emit
again \ Not the right password; repeat
;
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list