[Bug 384148] Re: Major bug in Console Security help page (affects all version)
** Description changed: ** Summary changed: - Major bug in Console Security help page (affects all version) + Major bug in Console Security help page (affects 9.04) -- Major bug in Console Security help page (affects 9.04) https://bugs.launchpad.net/bugs/384148 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 384148] Re: Major bug in Console Security help page (affects all version)
1. First of all there should be a note that password --md5 pass string has not to be located under the title item but in a global area. Clarification on global section could help avoid confusion, apparently. Although the menu.lst file already has the template for passwords and text regarding it's use. I guess that would require the reader of the documentation to also read the menu.lst file they are editing. 2. The string # lockalternative=false confused me, it is necessary to note that string has not to be copied without hash char. It has to be edited as # lockalternative=true because it as a template for grub-update scripts. Further clarifying to the audience that the hash tag should NOT be removed might help. Many other app configuration files require the removal of hash tags (comments) while this serves as a grub string template. The instructions do explain the result should look like the example given, which includes a hash tag exactly as it should. Here's an excerpt from the automagic section of menu.lst: ### BEGIN AUTOMAGIC KERNELS LIST ## lines between the AUTOMAGIC KERNELS LIST markers will be modified ## by the debian update-grub script except for the default options below ## DO NOT UNCOMMENT THEM, Just edit them to your needs 3. !!!This is a major bug!!! After editing lockalternative to true it is necessary to put lock parameter under the title with recover mode as follows: (snipped) 4. !!!It is necessary to note, that lock parameter which has been added in the item 3 will not be modified by grub-update script(in case of kernel upgrade and other changes) because of # lockalternative=true. Without # lockalternative=true single user mode will be unlocked on next grub-update. BTW, do we need to add lock parameter each time to the new title with a new kernel? As for 3 and 4... The instructions are correct, however there is something missing. After making the change to the # lockalternative template, it is necessary to update grub for all existing and future recovery kernel entries to be locked. sudo update-grub As long as the lockalternative template and password have been implemented properly, every time a kernel update occurs, grub is updated and all alternative entries will be locked. When kernel updates occur, grub is updated and new kernel entries will automagically receive the lock parameter. As Connor mentioned, as for new documentation (for version 9.10 and above), Grub 2 has since replaced Grub legacy. As of now, the process of applying passwords is now much more complicated, and does not permit any hashing of passwords. The suggestion of using grub password has always been lightweight security, because as it points out, someone could just boot the system using a LiveCD and gain access. If the passwords are in clear text... what's the point? So users should not use their favorite passphrase there, for sure. :-) Until the ability to hash the passwords becomes available to Grub 2, I think removing the subsection altogether is probably a good idea. -- Major bug in Console Security help page (affects all version) https://bugs.launchpad.net/bugs/384148 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 384148] Re: Major bug in Console Security help page (affects all version)
Sorry for the long previous message. I was trying to be clear and hope I didn't come off rude (like I think a couple sentences may have). Apologies in advance... completely unintentional if it were interpreted that way. As for the suggested corrections and clarification points, can we still submit patches for 8.04, 8.10, and 9.04? If so, I can add a patch to this bug for each version. -- Major bug in Console Security help page (affects all version) https://bugs.launchpad.net/bugs/384148 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 384148] Re: Major bug in Console Security help page (affects all version)
Patch for Hardy, addressing concerns in this bug report. ** Attachment added: hardy-serverguide-lp-bug-384148.txt http://launchpadlibrarian.net/37759850/hardy-serverguide-lp-bug-384148.txt -- Major bug in Console Security help page (affects all version) https://bugs.launchpad.net/bugs/384148 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 384148] Re: Major bug in Console Security help page (affects all version)
Patch for Intrepid, addressing concerns in this bug report. ** Attachment added: intrepid-serverguide-lp-bug-384148.txt http://launchpadlibrarian.net/37759869/intrepid-serverguide-lp-bug-384148.txt -- Major bug in Console Security help page (affects all version) https://bugs.launchpad.net/bugs/384148 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 384148] Re: Major bug in Console Security help page (affects all version)
Patch for Jaunty, addressing concerns in this bug report. ** Attachment added: jaunty-serverguide-lp-bug-384148.txt http://launchpadlibrarian.net/37759891/jaunty-serverguide-lp-bug-384148.txt -- Major bug in Console Security help page (affects all version) https://bugs.launchpad.net/bugs/384148 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 384148] Re: Major bug in Console Security help page (affects all version)
Patch for Lucid, addressing concerns in this bug report. Entire section on GRUB password protection has been removed, due to the fact that GRUB 2 still lacks sufficient password protection. It is possible, but the instructions are lengthy, and passwords are stored in clear text. ** Attachment added: lucid-serverguide-lp-bug-384148.txt http://launchpadlibrarian.net/37760060/lucid-serverguide-lp-bug-384148.txt -- Major bug in Console Security help page (affects all version) https://bugs.launchpad.net/bugs/384148 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 384148] Re: Major bug in Console Security help page (affects all version)
Patch for Karmic, addressing concerns in this bug report. Same adjustment as note above regarding Lucid. ** Attachment added: karmic-serverguide-lp-bug-384148.txt http://launchpadlibrarian.net/37760508/karmic-serverguide-lp-bug-384148.txt -- Major bug in Console Security help page (affects all version) https://bugs.launchpad.net/bugs/384148 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 384148] Re: Major bug in Console Security help page (affects all version)
** Changed in: ubuntu-docs (Ubuntu) Assignee: (unassigned) = Micheal_2009 (micheal-harker) ** Changed in: ubuntu-docs (Ubuntu) Status: New = Confirmed -- Major bug in Console Security help page (affects all version) https://bugs.launchpad.net/bugs/384148 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 384148] Re: Major bug in Console Security help page (affects all version)
Note that Grub2 is the default now in Karmic, and may replace Grub legacy altogether in Lucid. ** Changed in: ubuntu-docs (Ubuntu) Importance: Undecided = High -- Major bug in Console Security help page (affects all version) https://bugs.launchpad.net/bugs/384148 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 384148] Re: Major bug in Console Security help page (affects all version)
** Tags added: serverguide -- Major bug in Console Security help page (affects all version) https://bugs.launchpad.net/bugs/384148 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 384148] Re: Major bug in Console Security help page (affects all version)
** Visibility changed to: Public ** This bug is no longer flagged as a security vulnerability -- Major bug in Console Security help page (affects all version) https://bugs.launchpad.net/bugs/384148 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
