Clarify use of superusers variable and menu entry access
superusers controls both CLI and editing. Also explicitly mention that empty superusers disables them. "Access to menuentry" is a bit vague - change to "execute menuentry" to make it obvious, what access is granted.
This commit is contained in:
Andrei Borzenkov
parent
fd73b3d008
commit
dec7718878
1 changed files with 5 additions and 3 deletions
|
|
@ -5428,10 +5428,12 @@ In order to enable authentication support, the @samp{superusers} environment
|
|||
variable must be set to a list of usernames, separated by any of spaces,
|
||||
commas, semicolons, pipes, or ampersands. Superusers are permitted to use
|
||||
the GRUB command line, edit menu entries, and execute any menu entry. If
|
||||
@samp{superusers} is set, then use of the command line is automatically
|
||||
restricted to superusers.
|
||||
@samp{superusers} is set, then use of the command line and editing of menu
|
||||
entries are automatically restricted to superusers. Setting @samp{superusers}
|
||||
to empty string effectively disables both access to CLI and editing of menu
|
||||
entries.
|
||||
|
||||
Other users may be given access to specific menu entries by giving a list of
|
||||
Other users may be allowed to execute specific menu entries by giving a list of
|
||||
usernames (as above) using the @option{--users} option to the
|
||||
@samp{menuentry} command (@pxref{menuentry}). If the @option{--unrestricted}
|
||||
option is used for a menu entry, then that entry is unrestricted.
|
||||
|
|
|
|||
Loading…
Reference in a new issue