From owner-freebsd-questions@FreeBSD.ORG Fri Dec 5 17:40:32 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 956B316A4CE for ; Fri, 5 Dec 2003 17:40:32 -0800 (PST) Received: from zim.0x7e.net (zim.0x7e.net [203.38.184.132]) by mx1.FreeBSD.org (Postfix) with ESMTP id 99B0643FDD for ; Fri, 5 Dec 2003 17:40:29 -0800 (PST) (envelope-from listone@deathbeforedecaf.net) Received: from goo.0x7e.net ([203.38.184.164] helo=goo) by zim.0x7e.net with smtp (Exim 3.36 #1) id 1ASRQi-0001cD-00; Sat, 06 Dec 2003 12:10:20 +1030 Message-ID: <002e01c3bb99$e8fa1600$a4b826cb@goo> From: "Rob" To: "Dru" , "Nathan Kinkade" References: <20031204141547.T598@genisis> <20031204220312.GC15894@npkfbsd> <20031205123457.D624@genisis> Date: Sat, 6 Dec 2003 12:10:19 +1030 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4927.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4927.1200 cc: questions@freebsd.org Subject: Re: protecting loader X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Dec 2003 01:40:32 -0000 I habitually put autoboot_delay="0" in /boot/loader.conf because I'm impatient. It doesn't stop me from booting into single-user mode - you just have to hit a key while loader(8) is spinning, before it starts the kernel. As far as I can tell, the options in /boot.config apply to boot2, which has its own command prompt. I occasionally interrupt that one by mistake, and get confused because it's nothing like loader. So if you want to tie down the boot process, you will probably need to use both files. ----- Original Message ----- From: "Dru" Subject: Re: protecting loader > > > On Thu, 4 Dec 2003, Nathan Kinkade wrote: > > > On Thu, Dec 04, 2003 at 02:20:07PM -0500, Dru wrote: > > > > > > Is there a way to prevent a user from bypassing loader and > > > loading/unloading stuff at the OK prompt? (other than physical security > > > measures) > > > > > > I tried placing "/boot/loader -n" in "/boot.config", but it didn't make a > > > difference. > > > > > > Dru > > > > If I understand your question, you could put the following line in your > > /boot/loader.conf file: > > > > autoboot_delay="0" > > > > I think this will effectively prevent users from interrupting the loader > > to make changes. Just make sure that you have some other way to boot > > the system, such as a floppy, in case you later run into problems. > > > > Nathan > > -- > > gpg --keyserver pgp.mit.edu --recv-keys D8527E49 > > > Actually, I discovered that "password=somevalue" in /boot/loader.conf > filled the bill quite nicely :-) > > Dru > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >