dmesg: read kernel buffer failed: Permission denied

linux debian dmesg sysctl
50,537

So it was actually trivial, looking at the very last message from the bug report:

Part of the changelog from the aforementioned kernel: * security,printk: Enable SECURITY_DMESG_RESTRICT, preventing non-root users reading the kernel log by default (sysctl: kernel.dmesg_restrict)

So the solution is simply to run once:

% sudo sysctl kernel.dmesg_restrict=0
kernel.dmesg_restrict = 0

Then your local user can start using dmesg again. This apply to any user, instead of a group which I initially assumed.

Everything is back to what I wanted:

% dmesg|wc
   1307   11745   93652

and

% cat /dev/kmsg|head|wc
     10      82     857

And to make it persists across reboots, simply save it as conf file:

$ cat /etc/sysctl.d/10-local.conf 
kernel.dmesg_restrict = 0
Share:
50,537

Related videos on Youtube

Fakt7
Author by

Fakt7

Updated on September 18, 2022

Comments

  • Fakt7
    Fakt7 almost 2 years

    Since recently Debian has changed the default behavior for dmesg and I cannot use it simply from my local user.

    % dmesg
dmesg: read kernel buffer failed: Operation not permitted

    Same goes for:

    % cat /dev/kmsg                      
cat: /dev/kmsg: Operation not permitted

    Starring at the bug tracker this lead to:

    How do I change this behavior back to the previous one, where local user are allowed to use dmesg. I could not find a particular group for it (eg. sudoers or something like that).

  • direprobs
    direprobs almost 7 years
    Are you able to execute this command: cat /dev/kmesg as a regular user?
  • direprobs
    direprobs almost 7 years
    It should be /dev/kmsg in the first comment that was a typo.
  • Knobee
    Knobee almost 5 years
    Easier to make it permanent by adding kernel.dmesg_restrict = 0 to /etc/sysctl.conf
  • scruss
    scruss over 3 years
    In Ubuntu 20.10, there is already a line for this in /etc/sysctl.d/10-kernel-hardening.conf. After changing the file, the user should run sudo service procps restart to allow dmesg viewing again.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Sysctl config for high performance, large activity
Explain the output of dmesg
After reboot debian box ignore sysctl.conf values
dmesg time vs system time time isn't correct
PureOS ISO (on USB) unavailable for boot (EFI) on Mac OS X
What is the BOOT_IMAGE parameter in /proc/cmdline
Kali Linux (Debian) can't install pip.py
Why autoconf.h is not copied automatically to its place?
How to start/kill application with python script?
When “vagrant up” it says “It appears your machine doesn't support NFS” (Debian jessie)