* grub-core/commands/legacycfg.c (legacy_file): Default to restricted
entries. * grub-core/commands/menuentry.c (grub_cmd_menuentry): Likewise. * docs/grub.texi: Update menuentry description.
This commit is contained in:
parent
8db10f47fe
commit
dc478aeae5
4 changed files with 32 additions and 9 deletions
|
@ -1,3 +1,10 @@
|
||||||
|
2012-05-02 Vladimir Serbinenko <phcoder@gmail.com>
|
||||||
|
|
||||||
|
* grub-core/commands/legacycfg.c (legacy_file): Default to restricted
|
||||||
|
entries.
|
||||||
|
* grub-core/commands/menuentry.c (grub_cmd_menuentry): Likewise.
|
||||||
|
* docs/grub.texi: Update menuentry description.
|
||||||
|
|
||||||
2012-05-02 Vladimir Serbinenko <phcoder@gmail.com>
|
2012-05-02 Vladimir Serbinenko <phcoder@gmail.com>
|
||||||
|
|
||||||
* util/grub-setup.c (setup): Remove duplicate call to embed. Fixes
|
* util/grub-setup.c (setup): Remove duplicate call to embed. Fixes
|
||||||
|
|
|
@ -1437,7 +1437,7 @@ definitions do not affect the exit status in @code{$?}. When executed, the
|
||||||
exit status of a function is the exit status of the last command executed in
|
exit status of a function is the exit status of the last command executed in
|
||||||
the body.
|
the body.
|
||||||
|
|
||||||
@item menuentry @var{title} [@option{--class=class} @dots{}] [@option{--users=users}] [@option{--hotkey=key}] @{ @var{command}; @dots{} @}
|
@item menuentry @var{title} [@option{--class=class} @dots{}] [@option{--users=users}] [@option{--unrestricted}] [@option{--hotkey=key}] @{ @var{command}; @dots{} @}
|
||||||
@xref{menuentry}.
|
@xref{menuentry}.
|
||||||
@end table
|
@end table
|
||||||
|
|
||||||
|
@ -2960,7 +2960,7 @@ These commands can only be used in the menu:
|
||||||
|
|
||||||
@deffn Command menuentry @var{title} @
|
@deffn Command menuentry @var{title} @
|
||||||
[@option{--class=class} @dots{}] [@option{--users=users}] @
|
[@option{--class=class} @dots{}] [@option{--users=users}] @
|
||||||
[@option{--hotkey=key}] @
|
[@option{--unrestricted}] [@option{--hotkey=key}] @
|
||||||
@{ @var{command}; @dots{} @}
|
@{ @var{command}; @dots{} @}
|
||||||
This defines a GRUB menu entry named @var{title}. When this entry is
|
This defines a GRUB menu entry named @var{title}. When this entry is
|
||||||
selected from the menu, GRUB will set the @var{chosen} environment variable
|
selected from the menu, GRUB will set the @var{chosen} environment variable
|
||||||
|
@ -2975,6 +2975,9 @@ different styles.
|
||||||
The @option{--users} option grants specific users access to specific menu
|
The @option{--users} option grants specific users access to specific menu
|
||||||
entries. @xref{Security}.
|
entries. @xref{Security}.
|
||||||
|
|
||||||
|
The @option{--unrestricted} option grants all users access to specific menu
|
||||||
|
entries. @xref{Security}.
|
||||||
|
|
||||||
The @option{--hotkey} option associates a hotkey with a menu entry.
|
The @option{--hotkey} option associates a hotkey with a menu entry.
|
||||||
@var{key} may be a single letter, or one of the aliases @samp{backspace},
|
@var{key} may be a single letter, or one of the aliases @samp{backspace},
|
||||||
@samp{tab}, or @samp{delete}.
|
@samp{tab}, or @samp{delete}.
|
||||||
|
@ -2986,7 +2989,7 @@ The @option{--hotkey} option associates a hotkey with a menu entry.
|
||||||
|
|
||||||
@deffn Command submenu @var{title} @
|
@deffn Command submenu @var{title} @
|
||||||
[@option{--class=class} @dots{}] [@option{--users=users}] @
|
[@option{--class=class} @dots{}] [@option{--users=users}] @
|
||||||
[@option{--hotkey=key}] @
|
[@option{--unrestricted}] [@option{--hotkey=key}] @
|
||||||
@{ @var{menu entries} @dots{} @}
|
@{ @var{menu entries} @dots{} @}
|
||||||
This defines a submenu. An entry called @var{title} will be added to the
|
This defines a submenu. An entry called @var{title} will be added to the
|
||||||
menu; when that entry is selected, a new menu will be displayed showing all
|
menu; when that entry is selected, a new menu will be displayed showing all
|
||||||
|
@ -4061,8 +4064,10 @@ restricted to superusers.
|
||||||
|
|
||||||
Other users may be given access to specific menu entries by giving a list of
|
Other users may be given access to specific menu entries by giving a list of
|
||||||
usernames (as above) using the @option{--users} option to the
|
usernames (as above) using the @option{--users} option to the
|
||||||
@samp{menuentry} command (@pxref{menuentry}). If the @option{--users}
|
@samp{menuentry} command (@pxref{menuentry}). If the @option{--unrestricted}
|
||||||
option is not used for a menu entry, then that entry is unrestricted.
|
option is used for a menu entry, then that entry is unrestricted.
|
||||||
|
If the @option{--users} option is not used for a menu entry, then that
|
||||||
|
only superusers are able to use it.
|
||||||
|
|
||||||
Putting this together, a typical @file{grub.cfg} fragment might look like
|
Putting this together, a typical @file{grub.cfg} fragment might look like
|
||||||
this:
|
this:
|
||||||
|
@ -4073,7 +4078,7 @@ set superusers="root"
|
||||||
password_pbkdf2 root grub.pbkdf2.sha512.10000.biglongstring
|
password_pbkdf2 root grub.pbkdf2.sha512.10000.biglongstring
|
||||||
password user1 insecure
|
password user1 insecure
|
||||||
|
|
||||||
menuentry "May be run by any user" @{
|
menuentry "May be run by any user" --unrestricted @{
|
||||||
set root=(hd0,1)
|
set root=(hd0,1)
|
||||||
linux /vmlinuz
|
linux /vmlinuz
|
||||||
@}
|
@}
|
||||||
|
|
|
@ -123,7 +123,8 @@ legacy_file (const char *filename)
|
||||||
return grub_errno;
|
return grub_errno;
|
||||||
}
|
}
|
||||||
args[0] = oldname;
|
args[0] = oldname;
|
||||||
grub_normal_add_menu_entry (1, args, NULL, NULL, NULL, NULL, NULL,
|
grub_normal_add_menu_entry (1, args, NULL, NULL, "legacy",
|
||||||
|
NULL, NULL,
|
||||||
entrysrc, 0);
|
entrysrc, 0);
|
||||||
grub_free (args);
|
grub_free (args);
|
||||||
entrysrc[0] = 0;
|
entrysrc[0] = 0;
|
||||||
|
|
|
@ -37,6 +37,8 @@ static const struct grub_arg_option options[] =
|
||||||
{"source", 4, 0,
|
{"source", 4, 0,
|
||||||
N_("Use STRING as menu entry body."), N_("STRING"), ARG_TYPE_STRING},
|
N_("Use STRING as menu entry body."), N_("STRING"), ARG_TYPE_STRING},
|
||||||
{"id", 0, 0, N_("Menu entry identifier."), N_("STRING"), ARG_TYPE_STRING},
|
{"id", 0, 0, N_("Menu entry identifier."), N_("STRING"), ARG_TYPE_STRING},
|
||||||
|
{"unrestricted", 0, 0, N_("This entry can be booted by any user."),
|
||||||
|
0, ARG_TYPE_NONE},
|
||||||
{0, 0, 0, 0, 0, 0}
|
{0, 0, 0, 0, 0, 0}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -254,6 +256,7 @@ grub_cmd_menuentry (grub_extcmd_context_t ctxt, int argc, char **args)
|
||||||
char *prefix;
|
char *prefix;
|
||||||
unsigned len;
|
unsigned len;
|
||||||
grub_err_t r;
|
grub_err_t r;
|
||||||
|
const char *users;
|
||||||
|
|
||||||
if (! argc)
|
if (! argc)
|
||||||
return grub_error (GRUB_ERR_BAD_ARGUMENT, "missing arguments");
|
return grub_error (GRUB_ERR_BAD_ARGUMENT, "missing arguments");
|
||||||
|
@ -264,12 +267,19 @@ grub_cmd_menuentry (grub_extcmd_context_t ctxt, int argc, char **args)
|
||||||
if (! ctxt->state[3].set && ! ctxt->script)
|
if (! ctxt->state[3].set && ! ctxt->script)
|
||||||
return grub_error (GRUB_ERR_BAD_ARGUMENT, "no menuentry definition");
|
return grub_error (GRUB_ERR_BAD_ARGUMENT, "no menuentry definition");
|
||||||
|
|
||||||
|
if (ctxt->state[1].set)
|
||||||
|
users = ctxt->state[1].arg;
|
||||||
|
else if (ctxt->state[5].set)
|
||||||
|
users = NULL;
|
||||||
|
else
|
||||||
|
users = "";
|
||||||
|
|
||||||
if (! ctxt->script)
|
if (! ctxt->script)
|
||||||
return grub_normal_add_menu_entry (argc, (const char **) args,
|
return grub_normal_add_menu_entry (argc, (const char **) args,
|
||||||
(ctxt->state[0].set ? ctxt->state[0].args
|
(ctxt->state[0].set ? ctxt->state[0].args
|
||||||
: NULL),
|
: NULL),
|
||||||
ctxt->state[4].arg,
|
ctxt->state[4].arg,
|
||||||
ctxt->state[1].arg,
|
users,
|
||||||
ctxt->state[2].arg, 0,
|
ctxt->state[2].arg, 0,
|
||||||
ctxt->state[3].arg,
|
ctxt->state[3].arg,
|
||||||
ctxt->extcmd->cmd->name[0] == 's');
|
ctxt->extcmd->cmd->name[0] == 's');
|
||||||
|
@ -287,7 +297,7 @@ grub_cmd_menuentry (grub_extcmd_context_t ctxt, int argc, char **args)
|
||||||
|
|
||||||
r = grub_normal_add_menu_entry (argc - 1, (const char **) args,
|
r = grub_normal_add_menu_entry (argc - 1, (const char **) args,
|
||||||
ctxt->state[0].args, ctxt->state[4].arg,
|
ctxt->state[0].args, ctxt->state[4].arg,
|
||||||
ctxt->state[1].arg,
|
users,
|
||||||
ctxt->state[2].arg, prefix, src + 1,
|
ctxt->state[2].arg, prefix, src + 1,
|
||||||
ctxt->extcmd->cmd->name[0] == 's');
|
ctxt->extcmd->cmd->name[0] == 's');
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue