Grub password and login name not being prompted

I have set a grub password and changed username in /etc/grub.d/01_users but when I go to edit grub line, I am not being prompted for username or password. This is Rocky 9.2 install.

This is a major security issue for my company.

cat /etc/grub.d/01_users

#!/usr/bin/sh -e
cat << EOF
if [ -f \${prefix}/user.cfg ]; then
  source \${prefix}/user.cfg
  if [ -n "\${GRUB2_PASSWORD}" ]; then
    set superusers="root"
    export superusers
    password_pbkdf2 root \${GRUB2_PASSWORD}

Lines 3-10 are appended to grub.cfg.

If you have users in /boot/grub2/users.cfg, then those aru used by grub.
If there is environment variable GRUB2_PASSWORD set (I have no idea how) when grub runs (i.e. at boot), then root has password.

I’ve only added file /boot/grub2/users.cfg to get the prompt – never occurred to my mind to edit scripts, like the /etc/grub.d/01_users.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.