https://fedoraproject.org/wiki/GRUB_2#Setting_a_password_for_interactive_edit_mode _____________________________
If you wish to password-protect GRUB2's interactive edit mode but you do not want to require users to enter a password to do a plain, simple, ordinary boot, create /etc/grub.d/01_users with the following lines:
cat << EOF set superusers="root" export superusers password root secret EOF _____________________________and then you find such a file there pointing to some "user.cfg" where nobody knows what \${prefix} is and how that is supposed to work - honestly the whole grub2 config stuff is cryptical crap while "More details can be found at Ubuntu Help: GRUB2 Passwords" even makes it more confusing
[root@testserver:~]$ cat /etc/grub.d/01_users
#!/bin/sh -e
cat << EOF
if [ -f \${prefix}/user.cfg ]; then
source \${prefix}/user.cfg
if [ -n "\${GRUB2_PASSWORD}" ]; then
set superusers="root"
export superusers
password_pbkdf2 root \${GRUB2_PASSWORD}
fi
fi
EOF
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
