[ale] single user lockdown?
Nomad the Wanderer
nomad at orci.com
Wed Dec 9 13:44:35 EST 1998
If I go this way, I have it set to boot to the "linux" image
after 5 seconds. Will this continue as normal?
Robert
Thus spake Jacob Langseth (jlangseth at esisys.com):
>
> > 4a. in /etc/inittab edit the line :
> > l1:1:wait:/etc/rc.d/rc 1
> > so that it reads l1:1:wait:/etc/rc.d/rc 3
> >
> > This will prevent single-user mode completely. it will always boot to
> > run-level 3. you can still get in with a bios password to activate floppy
> > booting and then use a boot floppy such as Toms root/boot or RedHats
> > rescue discs.
>
> 4a can be bypassed by passing the init parameter to the kernel.
> (eg init=/bin/sh) To avoid this, keep /etc/lilo.conf mode 0600 with
> a password= setting, and use the restricted option when describing
> all linux labels. eg lilo.conf:
> password = foo
> [...]
> restricted image = /boot/vmlinux.gz
> label = linux
> [...]
>
> This causes lilo to prompt for the password= value before
> accepting boot parameters.
>
---------------------------------------------------------------------------
Robert L. Harris | Windows --
Senior System Administrator II | Proof Micro$oft has
at Great West Life. \_ a room full of monkeys.
http://www.orci.com/~nomad
DISCLAIMER:
These are MY OPINIONS ALONE. I speak for no-one else.
FYI:
perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
More information about the Ale
mailing list