This is an old revision of the document!


User-specific boot menus

This page outlines the steps I took to implement a proof of concept comprising user authentication at preboot time and dynamically generated boot menus. The user is first presented with a login screen. The user's credentials are passed via an SSL-encrypted link to a server, which authenticates the user and then provides a boot menu containing a list of authorised boot selections. The list of boot selections can vary according to the user.

Setup

Find a suitable Apache web server, complete with valid SSL certificate. Create a directory called “boot” on this web server. For the purpose of this documentation, I will assume that the full URI for this directory is http://my.web.server/boot.

In the “boot” directory, create a file “.htaccess” containing

  SSLRequireSSL

and a file “menu.gpxe” containing

  #!gpxe
  
  imgfree
  login
  kernel -n menu https://${username:uristring}:${password:uristring}@my.web.server/boot/vesamenu.c32 menu.php
  boot menu

Download the latest syslinux tarball from http://www.kernel.org/pub/linux/utils/boot/syslinux/ and build it. Copy the files com32/menu/vesamenu.c32 and com32/modules/cmd.c32 into the “boot” directory.


QR Code
QR Code appnotes:authmenus (generated for current page)