{{{ oval_metadata("The UEFI grub2 boot loader should have password protection enabled.", rule_title=rule_title) }}} {{{ grub2_uefi_boot_path }}}/grub.cfg ^[\s]*set[\s]+superusers=("?)[a-zA-Z_]+\1$ 1 {{{ grub2_uefi_boot_path }}}/grub.cfg ^[\s]*password_pbkdf2[\s]+.*[\s]+grub\.pbkdf2\.sha512.*$ 1