Hi-
does not happen on FC38, or any prior RedHat/Fedora version since forever.
dmesg dmesg: read kernel buffer failed: Operation not permitted
Userspace scripts (such as used to read pics from cameras & sdcards) and many progs often use dmesg to detect or identify things like startup probe info, USB devs, partition numbers etc.
I worked around this by setting the suid bit of `which dmesg`, but it would be rude to force everybody to manually do this as part of post-install cleanup.
Hopefully an unintended side-effect and not a new "feature" that wasn't thought through completely. A web-search suggests debian/ubuntu may have been doing this for awhile- but we really don't need to be just like them... ;)
same observation. []$ uname -r 6.7.7-200.fc39.x86_64
On 3/13/24 19:05, Ron Flory via users wrote:
Hi-
does not happen on FC38, or any prior RedHat/Fedora version since forever.
dmesg dmesg: read kernel buffer failed: Operation not permitted
Userspace scripts (such as used to read pics from cameras & sdcards) and many progs often use dmesg to detect or identify things like startup probe info, USB devs, partition numbers etc.
I worked around this by setting the suid bit of `which dmesg`, but it would be rude to force everybody to manually do this as part of post-install cleanup.
Hopefully an unintended side-effect and not a new "feature" that wasn't thought through completely. A web-search suggests debian/ubuntu may have been doing this for awhile- but we really don't need to be just like them... ;)
-- _______________________________________________ users mailing list --users@lists.fedoraproject.org To unsubscribe send an email tousers-leave@lists.fedoraproject.org Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it:https://pagure.io/fedora-infrastructure/new_issue
On 3/13/24 16:05, Ron Flory via users wrote:
does not happen on FC38, or any prior RedHat/Fedora version since forever.
dmesg dmesg: read kernel buffer failed: Operation not permitted
Userspace scripts (such as used to read pics from cameras & sdcards) and many progs often use dmesg to detect or identify things like startup probe info, USB devs, partition numbers etc.
I worked around this by setting the suid bit of `which dmesg`, but it would be rude to force everybody to manually do this as part of post-install cleanup.
Hopefully an unintended side-effect and not a new "feature" that wasn't thought through completely. A web-search suggests debian/ubuntu may have been doing this for awhile- but we really don't need to be just like them... ;)
This was intentional and there was a thread about this recently, probably on devel or test. It's considered to be a big security issue.
If you're in the wheel group, you can use "journalctl -k".
Ron Flory via users writes:
»Hi-
does not happen on FC38, or any prior RedHat/Fedora version since forever.
Sounds like this has landed:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/...
On 3/13/2024 6:54 PM, Sam Varshavchik wrote:
Ron Flory via users writes:
»Hi-
does not happen on FC38, or any prior RedHat/Fedora version since forever.
Sounds like this has landed:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/...
Thanks for the link.
<groan> I can see both sides of it. At the same time, I can neither fully condemn, nor enthusiastically support this. Subtle side-effects with existing practices and applications will haunt us for a long time.
On Wed, Mar 13, 2024 at 7:05 PM Ron Flory via users users@lists.fedoraproject.org wrote:
does not happen on FC38, or any prior RedHat/Fedora version since forever.
dmesg dmesg: read kernel buffer failed: Operation not permitted
Userspace scripts (such as used to read pics from cameras & sdcards) and many progs often use dmesg to detect or identify things like startup probe info, USB devs, partition numbers etc.
I worked around this by setting the suid bit of `which dmesg`, but it would be rude to force everybody to manually do this as part of post-install cleanup.
Hopefully an unintended side-effect and not a new "feature" that wasn't thought through completely. A web-search suggests debian/ubuntu may have been doing this for awhile- but we really don't need to be just like them... ;)
You can restore old behavior with the following.
# sysctl kernel.dmesg_restrict=0
Put in /etc/sysctl.d/10-dmesg.conf to make it permanent.
Jeff
On Wed, 2024-03-13 at 16:47 -0700, Samuel Sieb wrote:
On 3/13/24 16:05, Ron Flory via users wrote:
does not happen on FC38, or any prior RedHat/Fedora version since forever.
dmesg dmesg: read kernel buffer failed: Operation not permitted
Userspace scripts (such as used to read pics from cameras & sdcards) and many progs often use dmesg to detect or identify things like startup probe info, USB devs, partition numbers etc.
I worked around this by setting the suid bit of `which dmesg`, but it would be rude to force everybody to manually do this as part of post-install cleanup.
Hopefully an unintended side-effect and not a new "feature" that wasn't thought through completely. A web-search suggests debian/ubuntu may have been doing this for awhile- but we really don't need to be just like them... ;)
This was intentional and there was a thread about this recently, probably on devel or test. It's considered to be a big security issue.
If you're in the wheel group, you can use "journalctl -k".
I think the error message is unhelpful. 'dmesg' could easily detect that it wasn't running as root and say something more meaningful.
poc
On 3/14/24 03:33, Patrick O'Callaghan wrote:
I think the error message is unhelpful. 'dmesg' could easily detect that it wasn't running as root and say something more meaningful.
That requires a change to the dmesg program. The cause of the error is a change in the kernel that dmesg doesn't handle.
On Thu, 2024-03-14 at 11:54 -0700, Samuel Sieb wrote:
On 3/14/24 03:33, Patrick O'Callaghan wrote:
I think the error message is unhelpful. 'dmesg' could easily detect that it wasn't running as root and say something more meaningful.
That requires a change to the dmesg program. The cause of the error is a change in the kernel that dmesg doesn't handle.
Exactly, so given that the kernel has changed, a future version of 'dmesg' should reflect that by giving a useful error message.
poc
-
Jeffrey Walton -
Patrick O'Callaghan -
Roger Wells -
Ron Flory -
Sam Varshavchik -
Samuel Sieb