grub-password
grub-password
Basic grub password for grub v1 a and group v2. Ths role sets global password to restrinct the menu editing. Thos role is not able to set passwords or users for v2 per item.
I tested this role on platforms listed int mate file, but it do not mean it will work on any other. Please and the corresponding vars/os-<PLATFORM>.yml
or vars/os-<PLATFORM>-<VERSION>.yml
file.
Requirements
None
Role Variables
Role variables are grub version dependent, see defaults/main.yml
.
Default password is changeme
, so please follow this recommendation.
grub v1
grub_password_v1_passwd
is md5 password generated by /sbin/grub-md5-crypt
grub v2
Line generated by grub_password_v2_admin
and grub_password_v2_passwd
are
set superusers="{{ grub_password_v2_admin }}"
password_pbkdf2 {{ grub_password_v2_admin }} {{ grub_password_v2_passwd }}"
grub_password_v2_unrestricted
tells weather you want to add --unrestriced
to the menu entries. If this directice is missing, the system will not boot without antering username and password.
Example Playbook
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- hudecof.grub-password
License
BSD
Author Information
Peter Hudec
CNC, a.s.
ansible-galaxy install hudecof/ansible_grub_password