grub & grub2

#####################################################
grub(grub-0.9x)
#####################################################
/boot/grub/grub.conf

default 0    #从上往下第1个title,1则是第2个
timeout 5    #倒计时5秒后载入操作系统
hiddenmenu    #timeout前不对grub干预将隐藏菜单直到按下ESC才出现菜单
password=123456    #简单的grub密码
color cyan/blue white/blue    #grub菜单的前景色及选中后的高亮色

title "Ubuntu12.04 LTS"
lock        #在title下锁住单一title,
root (hd0,0)    #指定内核所在分区通常是/boot分区
kernel /boot/vmlinuz-3.2.0-23-generic ro root=/dev/hda1 text     #root=后面接/分区
initrd /boot/initrd.img-3.2.0-23-generic    #指定"虚拟根"

MD5加密
grub-md5-crypt        #回车后输入想设定的密码
password:
Retype password:

$!x2klaflasjdfljaakldjfde8*

将password=123456替换为
password --md5 $!x2klaflasjdfljaakldjfde8*

阻止用户更改grub

...
timeout 5
password --md5 $!x2klaflasjdfljaakldjfde8*    #阻止用户进入grub交互模式，即按‘p’时要求输入密码
title ...

注：但用户仍可通过按‘e’来编辑启动项


单独锁定某个启动项
...
timeout 5
title Ubuntu12.04 LTS
password --md5 $!x2klaflasjdfljaakldjfde8*
root (hd0,0)

交互和启动都锁定
...
timeout 5
password --md5 $!x2klaflasjdfljaakldjfde8*
title Ubuntu12.04 LTS
lock        #只需在title下加上一把锁lock即可，但每把锁的密码相同
root (hd0,0)
kernel /boot/vmlinuz-3.2...
initrd /boot/initrd-3.2...

title CentOS6
lock
root (hd0,1)
kernel /boot/vmlinuz-2.6...
initrd /boot/initrd-2.6...

要使用不同的lock可以
...
timeout 5
password --md5 $!x2klaflasjdfljaakldjfde8*
title Ubuntu12.04 LTS
lock        
root (hd0,0)
kernel /boot/vmlinuz-3.2...
initrd /boot/initrd-3.2...

title CentOS6
password --md5 $!12koaflasjdxljaakykjfdel7    #再hash一个密码放在这里就行了
root (hd0,1)
kernel /boot/vmlinuz-2.6...
initrd /boot/initrd-2.6...

title BackTack 5
password --md5 l!#2kkaflasjd*ljaakykjfle!a    #再hash一个密码放在这里就行了
root (hd0,3)
kernel /boot/vmlinuz-2.6...
initrd /boot/initrd-2.6...


修复grub
通过livecd启动

sudo grub    #进入grub命令行

grub>root (hd0,0)    #指定内核所在分区
grub>setup (hd0)    #写入MBR,写入某个分区则是setup (hd0,x)
grub>quit

#####################################################
grub2(grub-1.9x)
#####################################################
/boot/grub/grub.cfg

#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#

### BEGIN /etc/grub.d/00_header ###
if [ -s $prefix/grubenv ]; then
  set have_grubenv=true
  load_env
fi
set default="0"
if [ "${prev_saved_entry}" ]; then
  set saved_entry="${prev_saved_entry}"
  save_env saved_entry
  set prev_saved_entry=
  save_env prev_saved_entry
  set boot_once=true
fi

function savedefault {
  if [ -z "${boot_once}" ]; then
    saved_entry="${chosen}"
    save_env saved_entry
  fi
}

function recordfail {
  set recordfail=1
  if [ -n "${have_grubenv}" ]; then if [ -z "${boot_once}" ]; then save_env recordfail; fi; fi
}

function load_video {
  insmod vbe
  insmod vga
  insmod video_bochs
  insmod video_cirrus
}

if [ "${recordfail}" = 1 ]; then
  set timeout=-1
else
  set timeout=10
fi
### END /etc/grub.d/00_header ###

### BEGIN /etc/grub.d/05_debian_theme ###
set menu_color_normal=yellow/black
set menu_color_highlight=red/light-gray
if background_color 75,75,75; then
  clear
fi
### END /etc/grub.d/05_debian_theme ###

### BEGIN /etc/grub.d/10_linux ###
function gfxmode {
    set gfxpayload="$1"
    if [ "$1" = "keep" ]; then
        set vt_handoff=vt.handoff=7
    else
        set vt_handoff=
    fi
}
if [ ${recordfail} != 1 ]; then
  if [ -e ${prefix}/gfxblacklist.txt ]; then
    if hwmatch ${prefix}/gfxblacklist.txt 3; then
      if [ ${match} = 0 ]; then
        set linux_gfx_mode=keep
      else
        set linux_gfx_mode=text
      fi
    else
      set linux_gfx_mode=text
    fi
  else
    set linux_gfx_mode=keep
  fi
else
  set linux_gfx_mode=text
fi
export linux_gfx_mode
if [ "$linux_gfx_mode" != "text" ]; then load_video; fi
menuentry 'Ubuntu，Linux 3.2.0-23-generic' --class ubuntu --class gnu-linux --class gnu --class os {
    recordfail
    gfxmode $linux_gfx_mode
    insmod gzio
    insmod part_msdos
    insmod ext2
    set root='(hd0,msdos10)'
    search --no-floppy --fs-uuid --set=root 7fbacbfd-6819-45ac-b777-1d6f7bbdc125
    linux    /vmlinuz-3.2.0-23-generic root=/dev/mapper/vg1-snap ro   quiet splash security=selinux selinux=1 $vt_handoff
    initrd    /initrd.img-3.2.0-23-generic
}
### END /etc/grub.d/10_linux ###

### BEGIN /etc/grub.d/20_linux_xen ###
### END /etc/grub.d/20_linux_xen ###


### BEGIN /etc/grub.d/30_os-prober ###
menuentry "Windows 7 (loader) (on /dev/sda1)" --class windows --class os {
    insmod part_msdos
    insmod ntfs
    set root='(hd0,msdos1)'
    search --no-floppy --fs-uuid --set=root F88CD2AA8CD26324
    drivemap -s (hd0) ${root}
    chainloader +1
}
menuentry "Windows 8 (loader) (on /dev/sda2)" --class windows --class os {
    insmod part_msdos
    insmod ntfs
    set root='(hd0,msdos2)'
    search --no-floppy --fs-uuid --set=root E4C8D3F4C8D3C34A
    drivemap -s (hd0) ${root}
    chainloader +1
}
menuentry "CentOS (2.6.32-279.el6.x86_64) (on /dev/mapper/vg0-root)" --class gnu-linux --class gnu --class os {
    insmod part_msdos
    insmod ext2
    set root='(hd0,msdos13)'
    search --no-floppy --fs-uuid --set=root 2eecf34f-1c16-4558-8543-b6122ee35e0a
    linux /vmlinuz-2.6.32-279.el6.x86_64 ro root=/dev/mapper/vg0-root vga=791
    initrd /initramfs-2.6.32-279.el6.x86_64.img
}
menuentry "Ubuntu，Linux 3.2.0-23-generic (on /dev/mapper/vg1-ubuntu)" --class gnu-linux --class gnu --class os {
    insmod part_msdos
    insmod ext2
    set root='(hd0,msdos10)'
    search --no-floppy --fs-uuid --set=root 7fbacbfd-6819-45ac-b777-1d6f7bbdc125
    linux /vmlinuz-3.2.0-23-generic root=/dev/mapper/vg1-ubuntu ro text vga=791
    initrd /initrd.img-3.2.0-23-generic
}
### END /etc/grub.d/30_os-prober ###

### BEGIN /etc/grub.d/40_custom ###
# This file provides an easy way to add custom menu entries.  Simply type the
# menu entries you want to add after this comment.  Be careful not to change
# the 'exec tail' line above.
### END /etc/grub.d/40_custom ###

### BEGIN /etc/grub.d/41_custom ###
if [ -f  $prefix/custom.cfg ]; then
  source $prefix/custom.cfg;
fi
### END /etc/grub.d/41_custom ###

最显著的变化

color cyan/blue white/blue  ==>    set color_normal=cyan/black

                                   set color_highlight=megenta/black
title           ==>    menuentry
root (hd0,0)    ==>    set root=(hd0,msdos0)
kernel          ==>    linux

    grub硬盘分区都从0开始计数，比如：(hd0,0)表示hda1(或sda1),(hd1,4)表示hdb5(或sdb5)而grub2则是硬盘从0开始，分区从1开始，比如：(hd0,msdos1)表示hda1(或sda1),(hd1,msdos5)表示hdb5(或sdb5)

     当然，在模块化和功能性上有大幅提升，一般更新比较积极的发行版都采用的是grub2，如：ubuntu,linux mint,open suse, fedra等,这里就不多说，各位有兴趣可以参考grub2官方文档。