Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Adding hdparm to system start-up
Top Forums UNIX for Advanced & Expert Users Adding hdparm to system start-up Post 302353810 by Gunther on Wednesday 16th of September 2009 09:24:30 AM
Old 09-16-2009
Adding hdparm to system start-up
Hi,

I have read about a vulnerability that allows to lock any IDE/SATA hard drive with a password, unless the BIOS "freezes" the drive's (no-password) status.
Even though less secure, this protection can also be archieved by software (only few BIOSes have that feature). hdparm offers a "security-freeze" parameter for this.

So, I wanted to add a call to hdparm with the respective parameter to my runlevels. I did so by running "update-rc.d hdparm defaults" and editing /etc/hdparm.conf (removing the '#' in front of the line with the parameter and setting "ROOTFS" to /dev/hda).

Unfortunately, running "hdparm -I /dev/hda" still shows "not frozen", meaning that the protection has not been applied.


Could anybody give me a hint what I'm doing wrong?
Thank you,
Gunther
Last edited by Gunther; 09-16-2009 at 08:28 PM..
 

10 More Discussions You Might Find Interesting

1. HP-UX

how to start the x window system

hi, am new to hp-ux, i just bought an hp-ux with the hp-ux 11.0 os, is very old, and i wnat to start the x window system but it send an error that said that couldn't open the x server, i try startx, xinit, and nothing, and also where i can find tutorials for hp-ux os for beginners (7 Replies)
Discussion started by: nobody
7 Replies

2. SCO

System will not start

I am running OpenServer 5.0.5a on a Compaq Proliant 800. When trying to start the system it goes through loading everything and at the end I get the following message. WARNING: hd: no root disk controller was found H iinit ime Loadable Driver May be requiredG drain8042 PANIC: srmontfun -... (1 Reply)
Discussion started by: karlb1
1 Replies

3. Shell Programming and Scripting

Cron job at system start up

I want to know if there is a way to make a certain set of programs start in order at system startup with cron or something else i dont know about. (3 Replies)
Discussion started by: rcunn87
3 Replies

4. UNIX for Advanced & Expert Users

Xend cannot start in my system

Hi all,,i'm sorry if my post is repost..but i'm need help about my problem... My specifications is : Sony Vaio VGN CR-323 Intel Dual-Core T2390(1.86 GHz) Memory 2GB DDR Harddisk 200GB with Debian lenny 2.6.26-1-686 i'm install xen via apt-get install xen blah..blah blah root@hell:~#... (4 Replies)
Discussion started by: demhyt
4 Replies

5. AIX

Q: how to start a service when system start

As topic, assume we have a service called "blahservice" and we can start it by: startsrc -s blahservice what is the best practice to run such command when system start? - directly use mkitab to add it into /etc/inittab or - drop startup scripts in /etc/rc.d/rcX.d I know they... (4 Replies)
Discussion started by: acerlinux
4 Replies

6. Shell Programming and Scripting

Executing script at system start up

Hi I had written a piece of script . Please let me know is it possible to run / execute this script at system startup ?? Thanks in advance . (5 Replies)
Discussion started by: Ravi Pavanv
5 Replies

7. Solaris

How to start system console in ELOM?

Hi, The system is Sun x4150. I use putty ssh to access to it. I can't start system console: (hung) Any help will be greatly appreciated! (5 Replies)
Discussion started by: aixlover
5 Replies

8. What is on Your Mind?

How to start in System Administration?

Hi all, I wonder if you guys could give me some advice on this. I have messed around with Linux for the last few years, and I'm at the point where I would like to become a system administrator - as a career. I already have a bachelor's degree, but it is in the humanities (art history) so... (2 Replies)
Discussion started by: ScottLew
2 Replies

9. Shell Programming and Scripting

Start Script on system reboot

Hi, I have the following script that looks for a certain file and then executes the start.sh file. How can i make this process to kick when the box reboots. Please advice if ; then /u01/Essbase/Oracle//Middleware/user_projects/epmsystem7/bin/start.sh; rm... (8 Replies)
Discussion started by: thinkingeye
8 Replies

10. Solaris

Cannot start system-log on Solaris 10

Hi everyone, I hope you are doing well.. I am having the following issue that need your advice. I am configuring syslog on Solaris 10. I have edited the /etc/syslog.conf by adding the following entry: *.err;kern.debug;daemon.notice;mail.crit;auth.debug;user.debug;local6.info @<IP Address of... (7 Replies)
Discussion started by: michael_hoang
7 Replies

LEARN ABOUT LINUX

hdparm.conf

hdparm.conf(5)						     hdparm configuration file						    hdparm.conf(5)

NAME

       hdparm.conf - Debian configuration file for hdparm

DESCRIPTION

       This  is  the  default configuration for hdparm for Debian.  It is a rather simple script, so please follow the following guidelines :) Any
       line that begins with a comment is ignored - add as many as you like.

       Note that an in-line comment is not supported.  If a line consists of whitespace only (tabs, spaces, carriage return), it will be  ignored,
       so you can space control fields as you like.  ANYTHING ELSE IS PARSED!!

       This  means  that  lines  with stray characters or lines that use non # comment characters will be interpreted by the initscript.  This has
       probably minor, but potentially serious, side effects for your hard drives, so please follow the guidelines.  Patches to improve flexibilty
       welcome.

       Please read /usr/share/doc/hdparm/README.Debian for notes about known issues, especially if you have an MD array.

       Note that if the init script causes boot problems, you can pass 'nohdparm' on the kernel command line, and the script will not be run.

       Setting an option outside of one of the stanzas enables it for all drives.

       If an option is listed twice, the second instance replaces the first.

       /sbin/hdparm is not run unless a block of the form:

       DEV {

       option

       option

       }

       exists.	 This  blocks will cause /sbin/hdparm OPTIONS DEV to be run.  Where OPTIONS is the concatenation of all options previously defined
       outside of a block and all options defined with in the block.

OPTIONS

       -q be quiet
	      quiet

       -a sector count for filesystem read-ahead
	      read_ahead_sect = 12

       -A disable/enable the IDE drive's read-lookahead feature
	      lookahead = on

       -b bus state
	      bus = on

       -B apm setting
	      apm = 255

       -B apm setting when on battery
	      apm_battery = 128

       -c enable (E)IDE 32-bit I/O support - can be any of 0,1,3
	      io32_support = 1

       -d disable/enable the "using_dma" flag for this drive
	      dma = off

       -D enable/disable the on-drive defect management
	      defect_mana = off

       -E cdrom speed
	      cd_speed = 16

       -k disable/enable the "keep_settings_over_reset" flag for this drive
	      keep_settings_over_reset = off

       -K disable/enable the drive's "keep_features_over_reset" flag
	      keep_features_over_reset = on

       -m sector count for multiple sector I/O
	      mult_sect_io = 32

       -P maximum sector count for the drive's internal prefetch mechanism
	      prefetch_sect = 12

       -r read-only flag for device
	      read_only = off

       -s Enable/disable the power-on in standby feature
	      poweron_standby = off

       -S standby (spindown) timeout for the drive
	      spindown_time = 24

       -u interrupt-unmask flag for the drive
	      interrupt_unmask = on

       -W Disable/enable the IDE drive's write-caching feature
	      write_cache = off

       -X IDE transfer mode for newer (E)IDE/ATA2 drives
	      transfer_mode = 34

       -y force to immediately enter the standby mode
	      standby

       -Y force to immediately enter the sleep mode
	      sleep

       -Z Disable the power-saving function of certain Seagate drives
	      disable_seagate

       -M Set the acoustic management properties of a drive
	      acoustic_management

       -p Set the chipset PIO mode
	       chipset_pio_mode

       --security-freeze Freeze the drive's security status
	      security_freeze

       --security-unlock Unlock the drive's security
	      security_unlock = PWD

       --security-set-pass Set security password
	      security_pass = password

       --security-disable Disable drive locking
	      security_disable

       --user-master Specifies which password to select
	      security_mode = u

       --security-mode Set the security mode
	      security_mode = h

       Root file systems.
	      Please see README.Debian for details.  ROOTFS = /dev/hda

       Blocks beginning with the keyword 'command_line' instead of a device identifier are no longer supported for backwards compatibility by this
       version	of hdparm.  Options must be introduced by a correct device identifier instead so that they will be applied when the device becomes
       available.

AUTHOR

       hdparm was written by Mark Lord <mlord@pobox.com> The init  script  and	configuration  file  are  currently  maintained  by  Stephen  Gran
       <sgran@debian.org>, but are the result of the work of many people.

       This manual page was created by Stephen Gran <sgran@debian.org> for the Debian GNU/Linux system (but may be used by others).

Stephen Gran							  August 10, 2005						    hdparm.conf(5)
All times are GMT -4. The time now is 11:19 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy