[sle][security][sle15sp3][Feature][Automation]QA: /etc/grub.d/10_linux grub should support authorization
60.00 h (Total: 120.00 h)
As documented in Authentication and authorisation in GRUB
grub2 supports restricting access to boot menu entries with the --unrestricted and --users options.
When building their images/appliances, our customer is configuring restrictions in the boot menu entries, so that only specified users can boot selected menu entries.
To implement this, they have been utilizing the editbootconfig feature of kiwi (see https://jira.suse.com/browse/PM-1969), which has recently been deprecated (around kiwi-9.20.4) .
The current solution to configure custom boot menu entries is to use grub capabilities, but this fails as the /etc/grub.d/10_linux script used for generating the bootloader configuration (especially in kiwi images) does not support the --unrestricted and --users options (that implement the authorization).¶
Manual test steps:
#1 Updated by rfan1 about 2 years ago
Dev task is not done
#2 Updated by rfan1 about 2 years ago
- Status changed from Blocked to In Progress
manual test passed
#3 Updated by rfan1 about 2 years ago
- Estimated time changed from 40.00 h to 6000.00 h
#4 Updated by rfan1 about 2 years ago
- Estimated time changed from 6000.00 h to 60.00 h
#5 Updated by rfan1 about 2 years ago
- Status changed from In Progress to Resolved
Automation test passed