[ale] single user lockdown?

Nomad the Wanderer nomad at orci.com
Wed Dec 9 13:44:35 EST 1998


If I go this way,  I have it set to boot to the "linux" image
after 5 seconds.  Will this continue as normal?

Robert

Thus spake Jacob Langseth (jlangseth at esisys.com):

> 
> > 4a. in /etc/inittab edit the line :
> > l1:1:wait:/etc/rc.d/rc 1
> > so that it reads l1:1:wait:/etc/rc.d/rc 3
> > 
> > This will prevent single-user mode completely. it will always boot to
> > run-level 3. you can still get in with a bios password to activate floppy
> > booting and then use a boot floppy such as Toms root/boot or RedHats
> > rescue discs.
> 
> 4a can be bypassed by passing the init parameter to the kernel.
> (eg init=/bin/sh)  To avoid this, keep /etc/lilo.conf mode 0600 with
> a password= setting, and use the restricted option when describing
> all linux labels.  eg lilo.conf:
> 	password = foo
> 	[...]
> 	restricted image = /boot/vmlinux.gz
> 	    label = linux
> 	    [...]
> 
> This causes lilo to prompt for the password= value before
> accepting boot parameters.
> 

---------------------------------------------------------------------------
Robert L. Harris                |   Windows --
Senior System Administrator II  |        Proof Micro$oft has
  at Great West Life.           \_            a room full of monkeys.

http://www.orci.com/~nomad

DISCLAIMER:
      These are MY OPINIONS ALONE.  I speak for no-one else.

FYI:
 perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'






More information about the Ale mailing list