Fame Burst

Home / general

who is changing my grub.cfg? changes to timeout makes grub not show

Carter Sullivan |

Here is my audit on changes to the grub config file at /boot/grub/grub.cfg The change makes the timeout=10 (that I have done to get the grub menu to show at all) to timeout=0 which means grub does not show at all. I was asleep when this happened. I am very tempted to make that file read only and see what happens. Ubuntu 19.04,ryzen 5 2500U with vega radeon mobile gfx 2000mhz. default amd drivers (updated yesterday but this is not a new problem for me, happens every update grub). Any ideas on why this is happening at all? (apart from conspiracy theories). The change timestamp on the file is also 6.07am, when I was sound asleep.

  1. 2019-08-03 06:07:23 /boot/grub/ unlinkat no /usr/bin/rm unset 303
  2. 2019-08-03 06:07:23 /boot/grub/grub.cfg.new openat yes /usr/bin/dash unset 304
  3. 2019-08-03 06:07:23 . openat yes /usr/bin/dash unset 305
  4. 2019-08-03 06:07:23 . openat yes /usr/bin/dash unset 306
  5. 2019-08-03 06:07:23 . openat yes /usr/bin/dash unset 307
  6. 2019-08-03 06:07:23 . openat yes /usr/bin/dash unset 308
  7. 2019-08-03 06:07:23 . openat yes /usr/bin/dash unset 309
  8. 2019-08-03 06:07:23 . openat yes /usr/bin/dash unset 310
  9. 2019-08-03 06:07:23 . openat yes /usr/bin/dash unset 311
  10. 2019-08-03 06:07:23 . openat yes /usr/bin/dash unset 312
  11. 2019-08-03 06:07:27 /boot/grub/grub.cfg.new fchmodat yes /usr/bin/chmod unset 314
  12. 2019-08-03 06:07:27 /boot/grub/grub.cfg.new openat yes /usr/bin/grub-script-check unset 315
  13. 2019-08-03 06:07:27 /boot/grub/ renameat2 no /usr/bin/mv unset 316
  14. 2019-08-03 06:07:27 /boot/grub/grub.cfg rename yes /usr/bin/mv unset 317
  15. 2019-08-03 06:07:27 /boot/grub/grub.cfg.new openat yes /usr/bin/grep unset 313
  16. 2019-08-03 07:38:06 . openat yes /usr/bin/updatedb.mlocate unset 346
  17. 2019-08-03 12:48:37 /boot/grub sendto yes /usr/sbin/auditctl unset 54
  18. 2019-08-03 12:48:37 /boot/grub/grubenv openat yes /usr/bin/grub-editenv unset 77
  19. 2019-08-03 12:48:37 /boot/grub/grubenv openat yes /usr/bin/grub-editenv unset 78

the relevant part of grub.cfg is

terminal_output gfxterm
if [ "${recordfail}" = 1 ] ; then set timeout=30
else if [ x$feature_timeout_style = xy ] ; then set timeout_style=menu set timeout=10 # Fallback normal timeout code in case the timeout_style feature is # unavailable. else set timeout=10 fi
fi

the problem is when my =10 are changed to =0

the audit was gotten from 

sudo apt auditd

then set up with

sudo auditctl -w /boot/grub -k grubchanges -p rwxa

and reported with

sudo ausearch -k grubchanges | aureport -f -i
5

1 Answer

The answer is obvious: it is changed by grub-mkconfig. If you change grub.cfg manually, all changes will be overwritten on the next update-grub.

Grub is updated on every kernel upgrade and also in other cases.

Instead of changing grub.cfg edit /etc/default/grub and run sudo update-grub.

You can read this in the beginning of grub.cfg.

#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#
1

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

You Might Also Like