Adding hdparm to system start-up


 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users Adding hdparm to system start-up
# 1  
Old 09-16-2009
Adding hdparm to system start-up

Hi,

I have read about a vulnerability that allows to lock any IDE/SATA hard drive with a password, unless the BIOS "freezes" the drive's (no-password) status.
Even though less secure, this protection can also be archieved by software (only few BIOSes have that feature). hdparm offers a "security-freeze" parameter for this.

So, I wanted to add a call to hdparm with the respective parameter to my runlevels. I did so by running "update-rc.d hdparm defaults" and editing /etc/hdparm.conf (removing the '#' in front of the line with the parameter and setting "ROOTFS" to /dev/hda).

Unfortunately, running "hdparm -I /dev/hda" still shows "not frozen", meaning that the protection has not been applied.


Could anybody give me a hint what I'm doing wrong?
Thank you,
Gunther

Last edited by Gunther; 09-16-2009 at 08:28 PM..
# 2  
Old 09-16-2009
Did you start the service? You've told it you want to start when the system boots, but if the system hasn't booted since you made that change...

I have no idea what your distro is so I'm not entirely sure what the correct way to manually start it is, but it might be /etc/init.d/hdparm start.

Someone would need root access to lock that drive, by the way. Just a user couldn't do it.
# 3  
Old 09-16-2009
I'm sorry, I wasn't very accurate.
I have restarted my system; without any effect.

Now, here comes the strange thing...
Running "sudo /etc/init.d/hdparm restart" gives me
Quote:
Setting parameters of disc: (none).
. The status remains "not frozen".

However, issuing a "sudo hdparm --security-freeze /dev/hda" gets the job done, reporting "issuing Security Freeze command". The status has been successfully changed.

It's like hdparm doesn't care about its config file...

Btw, I'm running Debian with a 2.6.26-2 kernel, hdparm's version number is 8.9-3.

Last edited by Gunther; 09-16-2009 at 08:42 PM..
# 4  
Old 09-17-2009
I see nothing in 'man hdparm' about how it uses the config file. I'm not positive it does, that may be wholly up to the system init script.

hdparm's not a persistent process anyway, so I'm not sure why they decided it belonged in a daemon. I'd just put that line of yours in /etc/local.start or whatever your equivalent is instead of trying to use the system service. (You probably wouldn't need the 'sudo' if you put it there.)

Last edited by Corona688; 09-17-2009 at 12:37 PM..
# 5  
Old 09-18-2009
You were right: it's the script's job to parse the configuration file.

Furthermore, I also believe 'hdparm' doesn't have much of the characteristics that feature a daemon. So, I put
Quote:
99:12345:sysinit:/sbin/hdparm --security-freeze /dev/hda
in my /etc/inittab and now it works.
I guess I can't apply the protection much earlier.

Thank you for your help!
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Solaris

Cannot start system-log on Solaris 10

Hi everyone, I hope you are doing well.. I am having the following issue that need your advice. I am configuring syslog on Solaris 10. I have edited the /etc/syslog.conf by adding the following entry: *.err;kern.debug;daemon.notice;mail.crit;auth.debug;user.debug;local6.info @<IP Address of... (7 Replies)
Discussion started by: michael_hoang
7 Replies

2. Shell Programming and Scripting

Start Script on system reboot

Hi, I have the following script that looks for a certain file and then executes the start.sh file. How can i make this process to kick when the box reboots. Please advice if ; then /u01/Essbase/Oracle//Middleware/user_projects/epmsystem7/bin/start.sh; rm... (8 Replies)
Discussion started by: thinkingeye
8 Replies

3. What is on Your Mind?

How to start in System Administration?

Hi all, I wonder if you guys could give me some advice on this. I have messed around with Linux for the last few years, and I'm at the point where I would like to become a system administrator - as a career. I already have a bachelor's degree, but it is in the humanities (art history) so... (2 Replies)
Discussion started by: ScottLew
2 Replies

4. Solaris

How to start system console in ELOM?

Hi, The system is Sun x4150. I use putty ssh to access to it. I can't start system console: (hung) Any help will be greatly appreciated! (5 Replies)
Discussion started by: aixlover
5 Replies

5. Shell Programming and Scripting

Executing script at system start up

Hi I had written a piece of script . Please let me know is it possible to run / execute this script at system startup ?? Thanks in advance . (5 Replies)
Discussion started by: Ravi Pavanv
5 Replies

6. AIX

Q: how to start a service when system start

As topic, assume we have a service called "blahservice" and we can start it by: startsrc -s blahservice what is the best practice to run such command when system start? - directly use mkitab to add it into /etc/inittab or - drop startup scripts in /etc/rc.d/rcX.d I know they... (4 Replies)
Discussion started by: acerlinux
4 Replies

7. UNIX for Advanced & Expert Users

Xend cannot start in my system

Hi all,,i'm sorry if my post is repost..but i'm need help about my problem... My specifications is : Sony Vaio VGN CR-323 Intel Dual-Core T2390(1.86 GHz) Memory 2GB DDR Harddisk 200GB with Debian lenny 2.6.26-1-686 i'm install xen via apt-get install xen blah..blah blah root@hell:~#... (4 Replies)
Discussion started by: demhyt
4 Replies

8. Shell Programming and Scripting

Cron job at system start up

I want to know if there is a way to make a certain set of programs start in order at system startup with cron or something else i dont know about. (3 Replies)
Discussion started by: rcunn87
3 Replies

9. SCO

System will not start

I am running OpenServer 5.0.5a on a Compaq Proliant 800. When trying to start the system it goes through loading everything and at the end I get the following message. WARNING: hd: no root disk controller was found H iinit ime Loadable Driver May be requiredG drain8042 PANIC: srmontfun -... (1 Reply)
Discussion started by: karlb1
1 Replies

10. HP-UX

how to start the x window system

hi, am new to hp-ux, i just bought an hp-ux with the hp-ux 11.0 os, is very old, and i wnat to start the x window system but it send an error that said that couldn't open the x server, i try startx, xinit, and nothing, and also where i can find tutorials for hp-ux os for beginners (7 Replies)
Discussion started by: nobody
7 Replies
Login or Register to Ask a Question