Tom Alsberg wrote:> Hi there.
> Would/will there be a way to password protect providing kernel
> parameters and choosing some boot labels in SYSLINUX? So that not
> everybody can boot the machine single-user, with different root
> devices, etc. (And also so that you would need a password to boot from
> the local disk, in PXELINUX)?
>
> We want to start using SYSLINUX, actually PXELINUX, here at the CS
> department of the Hebrew University to boot many machines
> diskless. Until now (and still, right now) we used GRUB, but GRUB has
> several problems, mainly that it doesn't really do PXE - it can be
> loaded from PXE, but it cannot use the network interface given to it
> by PXE, so a driver is needed for every network adapter, but also some
> other minor technicalities.
> I started testing SYSLINUX/PXELINUX and it seems fine for us (wrote
> configuration files, etc., and configured a few test hosts for it in
> DHCP already), so we would probably be ready to deploy it if we could
> just password protect some stuff. Most of the use will be for
> workstations for students, so it's really necessary for us to be able
> to do that.
>
Not there at this time, but some people have already requested it, so
I'm thinking about how to add it. I'm a bit concerned since this would
be fairly easy to bypass (if you have physical access to the machine,
you can generally do anything), but that might be OK (most of these
things seem to be about keeping students from hacking in a lab.)
It's on my list of things to do, but it's more of a "B"
priority for me.
However, obviously the more I hear it's a key feature for some
people, the more it moves up...
-hpa