[Bug 407887] New: Incorrect grub password setup
https://bugzilla.novell.com/show_bug.cgi?id=407887 Summary: Incorrect grub password setup Product: openSUSE 11.0 Version: Final Platform: i586 OS/Version: openSUSE 11.0 Status: NEW Severity: Major Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: andrea.turrini@gmail.com QAContact: jsrain@novell.com Found By: --- I've tried to setup grub password using the bootloader module of yast. If I check /boot/grub/menu.lst, I find the following row: password --md5 CuzLAqX0LfCPQ The password I typed is "a" (without quotes). If I reboot the system, correctly grub requires to push 'p' key to edit an entry. If I try to enter 'a' as password, I obtain a "Failed!" answer, so I can not modify the highlighted entry. I've also noted that if I replace old password (a) with a new one using yast, and the new password is again "a", then the corresponding row in /boot/grub/menu.lst changes and becomes: password --md5 .Kxz0InFhsl3A Thus, if I protect grub with a password, then I'm not able to unlock it at grub prompt. I've tested the problem using virtualbox, but the same happens on my laptop. Regards, Andrea -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=407887 User andrea.turrini@gmail.com added comment https://bugzilla.novell.com/show_bug.cgi?id=407887#c1 --- Comment #1 from Andrea Turrini <andrea.turrini@gmail.com> 2008-07-15 07:29:54 MDT --- For information, I've installed openSUSE 10.3 inside virtualbox and using yast2 bootloader module and setting password "a", inside /boot/grub/menu.lst I obtain the row: password -md5 $1$4v5oLPTz$047JvRRHP1i8m/K3B3wn4/ I obtain a similar result when I use the command "md5crypt" inside grub shell (for both 10.3 and 11.0 installations): grub> md5crypt md5crypt Password: a a Encrypted: $1$ABhEb$dJPdBcm5UnttgaZtGJgmd/ If I generate the md5 of the password using md5crypt and then I copy the result inside /boot/grub/menu.lst, then the password is accepted at grub prompt. It seems that the md5 value inserted into /boot/grub/menu.lst is truncated. Regards, Andrea -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=407887 Robert Vojcik <rvojcik@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team-screening@forge.provo.novell.com |juhliarik@novell.com -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=407887 User jreidinger@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=407887#c3 --- Comment #3 from Josef Reidinger <jreidinger@novell.com> 2008-09-19 08:54:46 MDT --- jozo - in perl-Bootloader I add function CountGRUBPassword, which count correct password (using grub, so use only if they present). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=407887 User juhliarik@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=407887#c4 Jozef Uhliarik <juhliarik@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |yli@novell.com --- Comment #4 from Jozef Uhliarik <juhliarik@novell.com> 2008-12-01 10:57:51 MST --- *** Bug 450470 has been marked as a duplicate of this bug. *** https://bugzilla.novell.com/show_bug.cgi?id=450470 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=407887 Jozef Uhliarik <juhliarik@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Priority|P5 - None |P3 - Medium -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=407887 User yli@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=407887#c5 --- Comment #5 from Yan Li <yli@novell.com> 2008-12-01 21:46:58 MST --- I have verified this issue on SLED11-beta6, looks it has been fixed. But I don’t fully understand the comments, so I have listed my regression steps below, please refer: 01. Install SLED11 on a clean machine; 02. Login GNOME with root user; 03. Go to “YaST>System>Boot Loader”; 04. On “Boot Loader Settings – YaST” windows, click “Boot Loader Installation” tab; 05. Click “Boot Loader Options” button; 06. Input “a” in “Password” field and “a” in “Retype Password” field, then click “OK” button to save the change; 07. Click “OK” button on the “Boot Loader Settings – YaST” windows, then the “Boot Loader Settings – YaST” windows was closed and the “/boot/grub/menu.lst” file was modified; 08. Reboot the computer; 09. At the boot sequence menu, press ‘p’ to enter a password to unlock the next set of features; 10. Input the password ‘a’, then press “Enter”; 11. Then user could press ‘e’ to edit the commands before booting. It’s the expected result. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=407887 User jreidinger@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=407887#c6 --- Comment #6 from Josef Reidinger <jreidinger@novell.com> 2008-12-02 09:53:59 MST --- This fix have problem. If you select global section edit and have already setted password, it is changed to that hash...jozo please identify, if password is changed in global settings and only if so, then hash it. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com