Your message dated Sun, 01 Jul 2018 01:23:08 +0100 with message-id <b8493dedd31cb6126504f978dc5824e6543ef2b9.camel@decadent.org.uk> and subject line Re: src:linux: dmesg should be allowed to print the kernel ring buffer for admins has caused the Debian Bug report #847198, regarding src:linux: dmesg should be allowed to print the kernel ring buffer for admins to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 847198: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847198 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: src:linux: dmesg should be allowed to print the kernel ring buffer for admins
- From: Vincent Lefevre <vincent@vinc17.net>
- Date: Tue, 6 Dec 2016 14:00:41 +0100
- Message-id: <20161206130040.GA23813@cventin.lip.ens-lyon.fr>
Package: src:linux Severity: wishlist In the past, admins could get dmesg output without running it as root, but this is no longer possible: * security,printk: Enable SECURITY_DMESG_RESTRICT, preventing non-root users reading the kernel log by default (sysctl: kernel.dmesg_restrict) (in changelog.linux.gz). It is good that normal users cannot read the kernel log, but for admins (typically users in the adm group, who can already read /var/log/kern.log, thus have access to the same information), this is a regression. Note: "journalctl -b" also gives kernel logs (among other logs). -- System Information: Debian Release: stretch/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.8.0-2-amd64 (SMP w/12 CPU cores) Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
- To: 847198-done@bugs.debian.org
- Subject: Re: src:linux: dmesg should be allowed to print the kernel ring buffer for admins
- From: Ben Hutchings <ben@decadent.org.uk>
- Date: Sun, 01 Jul 2018 01:23:08 +0100
- Message-id: <b8493dedd31cb6126504f978dc5824e6543ef2b9.camel@decadent.org.uk>
- In-reply-to: <20161206130040.GA23813@cventin.lip.ens-lyon.fr>
- References: <20161206130040.GA23813@cventin.lip.ens-lyon.fr>
Since it is easy to change back to the old behaviour, this isn't a significant regression. Changing to a more sophisticated access policy could be done through LSMs, perhaps. But this is a feature request which would need to be pursued upstream. Ben. -- Ben Hutchings Q. Which is the greater problem in the world today, ignorance or apathy? A. I don't know and I couldn't care less.Attachment: signature.asc
Description: This is a digitally signed message part
--- End Message ---