How to permanently password-protect (lock) standard RHEL7 menu entries in GRUB2
Issue
-
Goal: a Red Hat Enterprise Linux 7 system that requires manual entry of a bootloader password in order to boot any future kernels
-
Adding users and custom
menuentry .... --user SOMEUSER
directives to/etc/grub.d/40_custom
per the the RHEL7 System Administrator's Guide is great, but how can you configure grub so that ALL existing & future kernels require a password in order to boot? -
Preventing grub cmdline access with
grub2-setpassword
works, but how can we make all kernels require password before booting?
Environment
- Red Hat Enterprise Linux 7
- GRUB 2 bootloader
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.