Date: Wed, 12 Dec 2012 17:49:01 +0000 (UTC) From: Devin Teske <dteske@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r244158 - head/sys/boot/forth Message-ID: <201212121749.qBCHn24Y009912@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dteske Date: Wed Dec 12 17:49:01 2012 New Revision: 244158 URL: http://svnweb.freebsd.org/changeset/base/244158 Log: Fix a regression caused by SVN r222417. Prior to r222417, setting `password' in loader.conf(5) did not prevent boot but instead only prevented changes to boot options by prompting for password if autoboot failed or the user interrupted the countdown sequence. After r222417 the same machine with `password' set in loader.conf(5) would no longer boot without _always_ entering the password. This patch restores the old (8.x and older) functionality for password in loader.conf(5) while adding a new bootlock_password feature to replace the edge-case should anybody desire the regressed functionality (HINT: great for PXE servers and/or private distributions). loader.conf(5) was updated to be more clear with-respect to password setting (previous text was misleading). Documentation (loader.conf(5) and check-password.4th(8)) has been updated to include notes on the new bootlock_password setting. Special thanks to Alex Verbod for bringing this to my attention and helping to refine the loader.conf(5) text. PR: conf/170110 Submitted by: Vitaly Zakharov <ded3axap@gmail.com> Reviewed by: Alexander Verbod <alexander.verbod@gmail.com> Modified: head/sys/boot/forth/beastie.4th.8 head/sys/boot/forth/check-password.4th head/sys/boot/forth/check-password.4th.8 head/sys/boot/forth/loader.4th.8 head/sys/boot/forth/loader.conf.5 head/sys/boot/forth/menu.4th.8 Modified: head/sys/boot/forth/beastie.4th.8 ============================================================================== --- head/sys/boot/forth/beastie.4th.8 Wed Dec 12 17:41:21 2012 (r244157) +++ head/sys/boot/forth/beastie.4th.8 Wed Dec 12 17:49:01 2012 (r244158) @@ -1,4 +1,4 @@ -.\" Copyright (c) 2011 Devin Teske +.\" Copyright (c) 2011-2012 Devin Teske .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without @@ -94,8 +94,9 @@ The variable can be configured in .Xr loader.conf 5 to the number of seconds you would like to delay loading the boot menu. -During the delay the user can press Ctrl-C to fall back to autoboot or ENTER -to proceed. +During the delay the user can press Ctrl-C to fall back to +.Ic autoboot +or ENTER to proceed. The default behavior is to not delay. .El .Pp Modified: head/sys/boot/forth/check-password.4th ============================================================================== --- head/sys/boot/forth/check-password.4th Wed Dec 12 17:41:21 2012 (r244157) +++ head/sys/boot/forth/check-password.4th Wed Dec 12 17:49:01 2012 (r244158) @@ -1,4 +1,4 @@ -\ Copyright (c) 2006-2011 Devin Teske <dteske@FreeBSD.org> +\ Copyright (c) 2006-2012 Devin Teske <dteske@FreeBSD.org> \ All rights reserved. \ \ Redistribution and use in source and binary forms, with or without @@ -74,7 +74,7 @@ variable readlen \ input length again ; -: read ( -- String prompt ) +: read ( String prompt -- ) 0 25 at-xy \ Move the cursor to the bottom-left dup 1+ read-start ! \ Store X offset after the prompt @@ -134,23 +134,37 @@ variable readlen \ input length : check-password ( -- ) - \ Exit if a password was not set - s" password" getenv dup -1 = if - drop exit + \ Do not allow the user to proceed beyond this point if a boot-lock + \ password has been set (preventing even boot from proceeding) + s" bootlock_password" getenv dup -1 <> if + begin + s" Boot Password: " read ( prompt -- ) + 2dup readval readlen @ compare 0<> + while + 3000 ms ." loader: incorrect password" 10 emit + repeat + 2drop ( c-addr/u ) + else + drop ( -1 ) \ getenv cruft then - begin \ Loop as long as it takes to get the right password + \ Exit if a password was not set + s" password" getenv -1 = if exit else drop then + + \ We should prevent the user from visiting the menu or dropping to the + \ interactive loader(8) prompt, but still allow the machine to boot... - s" Password: " \ Output a prompt for a password - read \ Read the user's input until Enter + 0 autoboot + \ Only reached if autoboot fails for any reason (including if/when + \ the user aborts/escapes the countdown sequence leading to boot). + + s" password" getenv + begin + s" Password: " read ( prompt -- ) 2dup readval readlen @ compare 0= if 2drop exit \ Correct password then - - \ Bad Password - 3000 ms - ." loader: incorrect password" 10 emit - - again \ Not the right password; repeat + 3000 ms ." loader: incorrect password" 10 emit + again ; Modified: head/sys/boot/forth/check-password.4th.8 ============================================================================== --- head/sys/boot/forth/check-password.4th.8 Wed Dec 12 17:41:21 2012 (r244157) +++ head/sys/boot/forth/check-password.4th.8 Wed Dec 12 17:49:01 2012 (r244158) @@ -1,4 +1,4 @@ -.\" Copyright (c) 2011 Devin Teske +.\" Copyright (c) 2011-2012 Devin Teske .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 18, 2011 +.Dd December 10, 2012 .Dt CHECK-PASSWORD.4TH 8 .Os .Sh NAME @@ -33,7 +33,8 @@ .Sh DESCRIPTION The file that goes by the name of .Nm -is a set of commands designed to prevent booting without the proper password. +is a set of commands designed to either prevent booting or prevent modification +of boot options without an appropriately configured password. The commands of .Nm by themselves are not enough for most uses. @@ -57,30 +58,36 @@ The commands provided by it are: .Pp .Bl -tag -width disable-module_module -compact -offset indent .It Ic check-password -Once called, the user cannot continue until the correct password is entered. -If the user enters the correct password the function returns. +Dual-purpose function that can either protect the interactive boot menu or +prevent boot without password (separately). .Pp -The password that is required is configured by setting the -.Ic password -variable in -.Xr loader.conf 5 . -.Pp -Subsequent calls after a successful password -has been entered will not cause reprompting -\(em the function will silently return. +First checks +.Va bootlock_password +and if-set, the user cannot continue until the correct password is entered. +.Pp +Next checks +.Va password +and if-set, tries to +.Ic autoboot +and only prompts for password on failure or user-interrupt. +See +.Xr loader.conf 5 +for additional information. .El .Pp The environment variables that effect its behavior are: -.Bl -tag -width bootfile -offset indent +.Bl -tag -width bootlock_password -offset indent +.It Va bootlock_password +Sets the bootlock password (up to 16 characters long) that is required by +.Ic check-password +to be entered before the system is allowed to boot. .It Va password Sets the password (up to 16 characters long) that is required by .Ic check-password -to be entered before the system is allowed to boot. If unset (default) or NULL, -.Ic check-password -will silently abort. +before the user is allowed to visit the boot menu. .El .Sh FILES -.Bl -tag -width /boot/loader.4th -compact +.Bl -tag -width /boot/check-password.4th -compact .It Pa /boot/loader The .Xr loader 8 . @@ -101,11 +108,20 @@ check-password .Ed .Pp Set a password in -.Xr loader.conf 5 : +.Xr loader.conf 5 +to prevent modification of boot options: .Pp .Bd -literal -offset indent -compact password="abc123" .Ed +.Pp +Set a password in +.Xr loader.conf 5 +to prevent booting without password: +.Pp +.Bd -literal -offset indent -compact +bootlock_password="boot" +.Ed .Sh SEE ALSO .Xr loader.conf 5 , .Xr loader 8 , Modified: head/sys/boot/forth/loader.4th.8 ============================================================================== --- head/sys/boot/forth/loader.4th.8 Wed Dec 12 17:41:21 2012 (r244157) +++ head/sys/boot/forth/loader.4th.8 Wed Dec 12 17:49:01 2012 (r244158) @@ -99,7 +99,7 @@ This is the command used in the default .Pa /boot/loader.rc file, and it uses the -.Pa autoboot +.Ic autoboot command (see .Xr loader 8 ) , so it can be stopped for further interaction with Modified: head/sys/boot/forth/loader.conf.5 ============================================================================== --- head/sys/boot/forth/loader.conf.5 Wed Dec 12 17:41:21 2012 (r244157) +++ head/sys/boot/forth/loader.conf.5 Wed Dec 12 17:49:01 2012 (r244158) @@ -23,7 +23,7 @@ .\" SUCH DAMAGE. .\" .\" $FreeBSD$ -.Dd July 20, 2011 +.Dd December 10, 2012 .Dt LOADER.CONF 5 .Os .Sh NAME @@ -113,8 +113,23 @@ that contains a kernel. .It Ar kernel_options Flags to be passed to the kernel. .It Ar password +Protect boot menu with a password without interrupting +.Ic autoboot +process. +The password should be in clear text format. +If a password is set, boot menu will not appear until any key is pressed during +countdown period specified by +.Va autoboot_delay +variable or +.Ic autoboot +process fails. +In both cases user should provide specified password to be able to access boot +menu. +.It Ar bootlock_password Provides a password to be required by check-password before execution is allowed to continue. +The password should be in clear text format. +If a password is set, the user must provide specified password to boot. .It Ar verbose_loading If set to .Dq YES , Modified: head/sys/boot/forth/menu.4th.8 ============================================================================== --- head/sys/boot/forth/menu.4th.8 Wed Dec 12 17:41:21 2012 (r244157) +++ head/sys/boot/forth/menu.4th.8 Wed Dec 12 17:49:01 2012 (r244158) @@ -1,4 +1,4 @@ -.\" Copyright (c) 2011 Devin Teske +.\" Copyright (c) 2011-2012 Devin Teske .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without @@ -108,8 +108,9 @@ will wait for user input and never execu If set to .Dq Li -1 , .Ic menu-display -will boot immediately, preventing both interruption of the autoboot process and -escaping to the loader prompt. +will boot immediately, preventing both interruption of the +.Ic autoboot +process and escaping to the loader prompt. Default is .Dq Li 10 . See
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201212121749.qBCHn24Y009912>