If your PC is accessible by many people and you don't want people to be able to boot to single user mode, etc unless they enter a secure (MD5) password, then here is how to do it.
You will have to create two menu files for grub.
first of all, create the MD5 password:
The long string of "junk" is your encrypted password.Code:[ ddicks@linuxbox ~ ] $ su Password: [ root@linuxbox /home/ddicks ] # grub-md5-crypt Password: Retype password: $1$R3Sj50$rhFdPzjVpU81VNHgE8IS5/
Next, edit your menu.lst (or grub.conf) file so that only the normal boot options are available and also, add the MD5 password with a pointer to a second menu file (menu-admin.lst) [the second file name can be anything you want].
Last, make your menu-admin.lst file (or other file name you chose):Code:default 0 timeout 10 splashimage=(hd0,0)/grub/splash.xpm.gz password --md5 $1$R3Sj50$rhFdPzjVpU81VNHgE8IS5/ /boot/grub/menu-admin.lst title=Gentoo GNU/Linux - 2.4.20-wolk4.10s root (hd0,0) kernel (hd0,0)/bzImage-2.4.20-wolk4.10s root=/dev/hda3 hdc=ide-scsi hdd=ide-scsi vga=356
NOTE: the menu-admin.lst file does not require a MD5 password option as you will have already have had to enter it to get to that menu.Code:default 0 splashimage=(hd0,0)/grub/splash.xpm.gz title=Gentoo GNU/Linux - 2.4.20-wolk4.10s root (hd0,0) kernel (hd0,0)/bzImage-2.4.20-wolk4.10s root=/dev/hda3 hdc=ide-scsi hdd=ide-scsi vga=356 title=Gentoo GNU/Linux - 2.4.20-wolk4.10s (recovery mode) root (hd0,0) kernel (hd0,0)/bzImage-2.4.20-wolk4.10s root=/dev/hda3 hdc=ide-scsi hdd=ide-scsi single vga=356
Now, if you press the 'p' key when the first grub menu comes up, and enter the password, the second menu (menu-admin) will appear.
