Information
NOTE: The change to grub2_defs.bios is a result of executing bootadm in the solution.
Solution
Run the following command to generate your password hash:
# /usr/lib/grub2/bios/bin/grub-mkpasswd-pbkdf2
Enter password:
Reenter password:
PBKDF2 hash of your password is <password_hash>
Create the file /usr/lib/grub2/bios/etc/grub.d/01_password:
#!/bin/sh
/usr/bin/cat > /rpool/boot/grub/password.cfg <<EOF
#
# GRUB password
#
set superusers="root"
password_pbkdf2 root <password_hash>
EOF
/usr/bin/chmod 600 /rpool/boot/grub/password.cfg
/usr/bin/echo 'source /@/boot/grub/password.cfg'
Run the following to finalize the password configuration and set menu timeout:
# /usr/bin/chmod 700 /usr/lib/grub2/bios/etc/grub.d/01_password
# /usr/sbin/bootadm set-menu timeout=30
Changes will take effect on the next reboot.