All GRUB 2 configuration information is stored in the grub.cfg file. Never directly edit grub.cfg, whose contents can be overwritten by other commands. To configure GRUB2, use bootadm subcommands instead.
All bootadm subcommands for managing GRUB apply only to x86 systems. However, certain bootadm subcommands can be used on SPARC based systems. See, for example, Managing the Oracle Solaris Boot Archives.
The bootadm command has the following subcommands:
Adds a boot entry to the GRUB menu.
Changes the attributes of a specified boot entry in the GRUB menu.
Generates a new boot loader configuration file.
Installs the system boot loader. This subcommand applies to both x86 and SPARC platforms.
Displays the current boot entries in the GRUB menu.
Removes a boot entry from the GRUB menu.
Maintains the GRUB menu. You can use this subcommand to set a particular GRUB menu entry as the default, to add security protection to the GRUB menu, and to set other menu options and boot loader options.
The –P option supports changing menus on multiple root pools.
Sets a password to prevent the GRUB menu from being seen.
Shows a boot entry from the GRUB menu. This subcommand is equivalent to list-menu.
For more details, see the bootadm(8) man page.
To control access to the GRUB menu, use set-menu-password. The command supports the following options:
–s password sets the password for accessing the GRUB menu entries.
–r removes the password lock.
–l verifies whether a password lock is in place and which users have access to each menu entry.
Caution - If the default boot entry is locked, the system would require a password in order to boot. To enable system boots without manual intervention, do not set a password lock. |
To grant specific users access to the GRUB menu, follow these steps:
Add users to the authenticated users list.
$ bootadm set-menu add-user=username
Grant access to specific users.
To grant access to the whole GRUB menu:
$ bootadm set-menu add-superuser username
To grant access to a specific menu entry:
$ bootadm change-entry -i menu-number add-auth=username
The menu-number corresponds to the menu entry to which access is granted.
To display a system's menu entries, use list-menu or show-entry.
Used by itself, list-menu displays the entire GRUB menu, including the location of the boot loader configuration files and other information.
$ bootadm list-menu the location of the boot loader configuration files is: /rpool/boot/grub default 0 console graphics timeout 30 0 Oracle Solaris 11/11 1 Oracle Solaris 11.3 2 Oracle Solaris 11.4
To obtain information about a specific menu entry, identify the entry with is menu number.
$ bootadm list-menu -i 0
the location of the boot loader configuration files is: /rpool/boot/grub
title: Oracle Solaris 11 11/11
kernel: /platform/i86pc/kernel/$ISADIR/unix
kernel arguments: -B $ZFS-BOOTFS -v
boot archive: /platform/i86pc/$ISADIR/boot_archive
ZFS root pool: rpool
The show-entry command shows only entry-specific information.
$ bootadm show-entry -i 0
title: Oracle Solaris 11 11/11
kernel: /platform/i86pc/kernel/$ISADIR/unix
kernel arguments: -B $ZFS-BOOTFS -v
boot archive: /platform/i86pc/$ISADIR/boot_archive
ZFS root pool: rpool
To generate a grub.cfg file, use generate-menu. The file would contain the OS instances currently installed on a system.
$ bootadm generate-menu
Options direct the way the command is implemented:
–f overwrites an existing grub.cfg file.
–P pool-name generates a new GRUB menu for a different root pool than the current one.