[SOLVED] Red Hat v5 disabling single user runlevel

logan_the_wolverine · 02-17-2012, 11:39 AM

hi friends..
i am using red hat linux v5 in pc. my pc is used my many people. some of them are changing my passward by booting in single user mode.this is iterating when we don't know own password. i want to disable single user mode runlevel. help me..how can do it.

some configuration of system..
OS: red hat v5
bootloader: Grub bootloader

T3RM1NVT0R · 02-17-2012, 01:38 PM

Hi logan_the_wolverine,

Welcome to LQ!!!

Here are few things that you should first know about single user mode:

1. You cannot disable single user mode for root user. root user can get into single user mode by typing "init 1"
2. Normal users cannot go do "init 1" unless you have provided the access via sudo.

I believe your users are changing your password by getting in single user mode from grub. If that is the case you can password protect grub by performing following steps:

1. Login as root.
2. Run the following command:

Code:

grub-md5-crypt

3. It will prompt you to enter the password.
4. Enter the password and it will generate an md5 hash.
5. Copy that hash value (make sure you copy it properly)
6. Edit /boot/grub/grub.conf file using vi or vim as follows;

Code:

vi /boot/grub/grub.conf

7. Put that hash value in that file just below the line "timeout" as follows:
[code]password --md5 <copied hash value>

When you will reboot the system you will see that it will not let you edit grub by just pressing "e" you have to first hit "p" to enter the password and then you can edit grub entries.

Make sure that you take a backup of /boot/grub/grub.conf file before making any modifications

acid_kewpie · 02-17-2012, 02:06 PM

Note that if this is a hilarious running joke, they'll probably just put in a CD and change it that way. BIOS password with no boot to cd possible?

snowday · 02-17-2012, 02:13 PM

Seems to me you are looking for a technological solution to a social issue.

If you escalate your security measures, a determined attacker will escalate their actions (such as using a Live CD and chroot) and you will limit the tools available to yourself to repair the damage. Physical access IS root access, this is a "feature not a bug."

Better solutions: Talk to your "friends" and make them stop this childish prank. Get your boss/school/parents involved. Don't leave your computer unattended in a public place. Lock your door. Encrypt your data. Protect your property and privacy by whatever means are legal in your jurisdiction.

logan_the_wolverine · 02-21-2012, 02:34 AM

Thank you... T3RM1NVT0R...
I implement this on my system and it works.

acid_kewpie · 02-21-2012, 02:43 AM

Quote:

Originally Posted by snowpine

Seems to me you are looking for a technological solution to a social issue.

If you escalate your security measures, a determined attacker will escalate their actions (such as using a Live CD and chroot) and you will limit the tools available to yourself to repair the damage. Physical access IS root access, this is a "feature not a bug."

Better solutions: Talk to your "friends" and make them stop this childish prank. Get your boss/school/parents involved. Don't leave your computer unattended in a public place. Lock your door. Encrypt your data. Protect your property and privacy by whatever means are legal in your jurisdiction.

I have the urge to say "Here here!" for the sake of it. +1, Thumbs Up, Excellent seller; would use again.

John VV · 02-21-2012, 02:48 AM

a bit old but you might want to read the red hat documentation on setting a bios password
http://docs.redhat.com/docs/en-US/Re...-boot-sec.html
http://docs.redhat.com/docs/en-US/Re...ootloader.html

but talk to the people
or they WILL start using a live cd