Possible forensic issue with grub and RH8.0

From: Hovis Chasteen (hchasteenat_private)
Date: Tue Jan 07 2003 - 19:46:12 PST


    Greetings,
    
    While bench testing a new forensic computer I am
    working on I noticed a potential problem using RH 8.0
    with grub.
    
    The computer is a P4, 2.4GHz, 1GB ram, 120GB HD loaded
    with Windows XP, Red Hat 8.0 and grub as the dual boot
    loader. Nothing special, just out of the box installs.
    
    I noticed that if I attach another Linux-bootable drive to
    the computer (/dev/hdc), when the computer boots it
    tries to load the kernel, root and boot from
    /dev/hdc, not /dev/hda as I expected. I cloned hda and
    put both in the computer (/dev/hda and /dev/hdc).
    After reboot I checked /etc/mtab and found that I was
    in fact working on /dev/hdc instead of hda.
    
    I checked /boot/grub/grub.conf and found the
    following:
    
    title Red Hat Linux 8.0 (2.4.18-14)
    	root (hd0,1)
    	kernel /vmlinuz-2.4.18-14 ro root=LABEL=/
    	initrd /initrd-2.4.18-14.img
    
    I changed the kernel line to read “kernel
    /vmlinuz-2.4.18-14 ro root=/dev/hda5” (hda5 is my root
    partition). I rebooted the system and everything is
    now as expected.  My point here is obvious. If I had
    installed a suspect hard drive on this stock install I
    could be working on the original evidence and lose
    data integrity. Not a good thing.
    
    I am not sure if this is new to 8.0 or grub but I did
    not see this in RH7.3. If anyone has a better solution
    or can explain LABEL to me, I’m all ears.
    
    Hovis Chasteen
    
    
    
    -----------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
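The hazard in the post is that `root=LABEL=/` names a filesystem label, not a disk, so whichever attached filesystem carries the label "/" can be picked as root, including a clone or an evidence drive. The script below is an added example, not code from the original post or from Red Hat or grub: it runs two pre-flight checks a forensic workstation can make before touching an attached drive, namely whether any label appears on more than one attached device (which makes LABEL= ambiguous) and which device is actually mounted at `/`, plus a scan of grub.conf for label-based kernel lines. All inputs are constructed samples in the format of `blkid` output, `/etc/mtab` and `/boot/grub/grub.conf`; on a live system they would be read from those sources instead, and the expected root device (`/dev/hda5` here) is taken from the post.

```shell
#!/bin/sh
# Added example (not from the original post, Red Hat or grub).
# Inputs below are constructed samples; on a real system they would be
# the output of `blkid`, the contents of /etc/mtab (or /proc/mounts)
# and /boot/grub/grub.conf.

# Constructed blkid-style listing: workstation disk (hda) plus a cloned
# or evidence disk (hdc) carrying identical labels.
SAMPLE_BLKID='/dev/hda1: LABEL="/boot" TYPE="ext3"
/dev/hda5: LABEL="/" TYPE="ext3"
/dev/hda6: TYPE="swap"
/dev/hdc1: LABEL="/boot" TYPE="ext3"
/dev/hdc5: LABEL="/" TYPE="ext3"'

# Constructed /etc/mtab after the wrong disk was picked up at boot.
SAMPLE_MTAB='/dev/hdc5 / ext3 rw 0 0
none /proc proc rw 0 0
/dev/hdc1 /boot ext3 rw 0 0'

# The grub.conf stanza quoted in the post.
SAMPLE_GRUB_CONF='title Red Hat Linux 8.0 (2.4.18-14)
	root (hd0,1)
	kernel /vmlinuz-2.4.18-14 ro root=LABEL=/
	initrd /initrd-2.4.18-14.img'

# Print each label found on more than one device, followed by the devices
# that carry it. Argument: blkid-style text. Empty output means every
# label is unique and LABEL= resolution is unambiguous.
duplicate_labels() {
  printf '%s\n' "$1" | awk '
    {
      dev = $1; sub(/:$/, "", dev)
      if (match($0, /LABEL="[^"]*"/)) {
        # strip the leading LABEL=" and the trailing quote
        label = substr($0, RSTART + 7, RLENGTH - 8)
        count[label]++
        if (label in devs) devs[label] = devs[label] " " dev
        else devs[label] = dev
      }
    }
    END { for (l in count) if (count[l] > 1) print l ": " devs[l] }
  ' | LC_ALL=C sort
}

# Print the device currently mounted at /. Argument: mtab-style text.
root_device() {
  printf '%s\n' "$1" | awk '$2 == "/" { print $1; exit }'
}

# Print kernel lines that select root by label instead of device path.
# Argument: grub.conf text.
label_root_kernel_lines() {
  printf '%s\n' "$1" | grep 'root=LABEL=' | sed 's/^[[:space:]]*//'
}

# Succeed only when / is mounted from the expected device.
# Arguments: expected device, mtab-style text.
check_root_is() {
  [ "$(root_device "$2")" = "$1" ]
}

# Stand-alone run over the constructed samples.
echo "Labels present on more than one device:"
duplicate_labels "$SAMPLE_BLKID"
echo "Root is mounted from: $(root_device "$SAMPLE_MTAB")"
echo "Label-based kernel lines in grub.conf:"
label_root_kernel_lines "$SAMPLE_GRUB_CONF"
if check_root_is /dev/hda5 "$SAMPLE_MTAB"; then
  echo "root is on the expected disk"
else
  echo "WARNING: root is NOT on /dev/hda5; stop before touching any drive"
fi
```

With the samples above, `duplicate_labels` reports both "/" and "/boot" as carried by hda and hdc, `root_device` returns `/dev/hdc5`, and the final check fails, which is the situation the post describes. Pinning root to a device path, as the post does with `root=/dev/hda5`, removes the ambiguity for the kernel's root; the mtab check is still worth running after every boot, since it confirms what actually happened rather than what grub.conf was meant to do.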
    



    This archive was generated by hypermail 2b30 : Fri Jan 10 2003 - 10:30:58 PST