exit status of a function is the exit status of the last command executed in
the body.
-@item menuentry @var{title} [@option{--class=class} @dots{}] [@option{--users=users}] [@option{--hotkey=key}] @{ @var{command}; @dots{} @}
+@item menuentry @var{title} [@option{--class=class} @dots{}] [@option{--users=users}] [@option{--unrestricted}] [@option{--hotkey=key}] @{ @var{command}; @dots{} @}
@xref{menuentry}.
@end table
@deffn Command menuentry @var{title} @
[@option{--class=class} @dots{}] [@option{--users=users}] @
- [@option{--hotkey=key}] @
+ [@option{--unrestricted}] [@option{--hotkey=key}] @
@{ @var{command}; @dots{} @}
This defines a GRUB menu entry named @var{title}. When this entry is
selected from the menu, GRUB will set the @var{chosen} environment variable
The @option{--users} option grants specific users access to specific menu
entries. @xref{Security}.
+The @option{--unrestricted} option grants all users access to specific menu
+entries. @xref{Security}.
+
The @option{--hotkey} option associates a hotkey with a menu entry.
@var{key} may be a single letter, or one of the aliases @samp{backspace},
@samp{tab}, or @samp{delete}.
@deffn Command submenu @var{title} @
[@option{--class=class} @dots{}] [@option{--users=users}] @
- [@option{--hotkey=key}] @
+ [@option{--unrestricted}] [@option{--hotkey=key}] @
@{ @var{menu entries} @dots{} @}
This defines a submenu. An entry called @var{title} will be added to the
menu; when that entry is selected, a new menu will be displayed showing all
Other users may be given access to specific menu entries by giving a list of
usernames (as above) using the @option{--users} option to the
-@samp{menuentry} command (@pxref{menuentry}). If the @option{--users}
-option is not used for a menu entry, then that entry is unrestricted.
+@samp{menuentry} command (@pxref{menuentry}). If the @option{--unrestricted}
+option is used for a menu entry, then that entry is unrestricted.
+If the @option{--users} option is not used for a menu entry, then that
+only superusers are able to use it.
Putting this together, a typical @file{grub.cfg} fragment might look like
this:
password_pbkdf2 root grub.pbkdf2.sha512.10000.biglongstring
password user1 insecure
-menuentry "May be run by any user" @{
+menuentry "May be run by any user" --unrestricted @{
set root=(hd0,1)
linux /vmlinuz
@}
{"source", 4, 0,
N_("Use STRING as menu entry body."), N_("STRING"), ARG_TYPE_STRING},
{"id", 0, 0, N_("Menu entry identifier."), N_("STRING"), ARG_TYPE_STRING},
+ {"unrestricted", 0, 0, N_("This entry can be booted by any user."),
+ 0, ARG_TYPE_NONE},
{0, 0, 0, 0, 0, 0}
};
char *prefix;
unsigned len;
grub_err_t r;
+ const char *users;
if (! argc)
return grub_error (GRUB_ERR_BAD_ARGUMENT, "missing arguments");
if (! ctxt->state[3].set && ! ctxt->script)
return grub_error (GRUB_ERR_BAD_ARGUMENT, "no menuentry definition");
+ if (ctxt->state[1].set)
+ users = ctxt->state[1].arg;
+ else if (ctxt->state[5].set)
+ users = NULL;
+ else
+ users = "";
+
if (! ctxt->script)
return grub_normal_add_menu_entry (argc, (const char **) args,
(ctxt->state[0].set ? ctxt->state[0].args
: NULL),
ctxt->state[4].arg,
- ctxt->state[1].arg,
+ users,
ctxt->state[2].arg, 0,
ctxt->state[3].arg,
ctxt->extcmd->cmd->name[0] == 's');
r = grub_normal_add_menu_entry (argc - 1, (const char **) args,
ctxt->state[0].args, ctxt->state[4].arg,
- ctxt->state[1].arg,
+ users,
ctxt->state[2].arg, prefix, src + 1,
ctxt->extcmd->cmd->name[0] == 's');