4.8.5. Managing GRUB UsersΒΆ
In addition to being configured at initialization through the SIMP CLI or
kickstarting via PXE boot, GRUB users can be managed by the
simp-simp_grub
module on both GRUB 2 and legacy GRUB systems.
Note
simp-simp_grub
is not a core module and its corresponding package,
pupmod-simp-simp_grub
, may need to be installed prior to following
this guide.
In Hiera, you will need to include the simp_grub
class and set
the appropriate parameters. For both GRUB 2 and legacy GRUB, this must
include:
simp::classes:
- 'simp_grub'
simp_grub::password: '<password hash or password>'
For GRUB 2, you will also have to set simp_grub::admin
and can
optionally specify whether unmanaged GRUB user accounts should be
reported and/or purged and the number of rounds to use for hashing
the password.
# required for GRUB 2
simp_grub::admin: '<username>'
# optional for GRUB 2
simp_grub::purge_unmanaged_users: <true or false>
simp_grub::report_unmanaged_users: <true or false>
simp_grub::hash_rounds: <integer>
After configuring Hiera, run puppet
. The accounts and hashed passwords
should be included in the /etc/grub2.cfg
or /etc/grub2-efi.cfg
files
for GRUB 2 systems and in /etc/grub.conf
on legacy GRUB systems.