The "lkm" script fails on dmesg permissions

[gregbuchholz]

Changing to "sudo dmesg" fixes it.

[gregbuchholz]

This was with Ubuntu 21.04

[kaiwan]

Hey @gregbuchholz, thank you!
With default settings on Ubuntu, dmesg doesn't require root access..
have you changed something? Is it a custom built kernel with CONFIG_SECURITY_DMESG_RESTRICT set (will restrict dmesg to root-only)?

[gregbuchholz]

I had compiled a new 5.13.11 based on localmodconfig in a virtual machine. Searching the .config file does confirm that CONFIG_SECURITY_DMESG_RESTRICT is set to 'y'. Then booting the stock 5.11.0-31-generic kernel that came with the Ubuntu 21.04 install, I get the same behavior with dmesg needing root permissions. This is also consistent with the Lubuntu installed on my laptop. It looks like this might have been a change in Ubuntu starting with the 20.10 release. See also:

"Ubuntu 20.10 Moving Ahead In Restricting Access To dmesg"

https://www.phoronix.com/scan.php?page=news_item&px=Ubuntu-20.10-dmesg-Needs-Root

[kaiwan]

I had compiled a new 5.13.11 based on localmodconfig in a virtual machine. Searching the .config file does confirm that >CONFIG_SECURITY_DMESG_RESTRICT is set to 'y'.
Right; this makes sense..

"Ubuntu 20.10 Moving Ahead In Restricting Access To dmesg"
https://www.phoronix.com/scan.php?page=news_item&px=Ubuntu-20.10-dmesg-Needs-Root
Ah, then no wonder... the book uses Ubuntu 20.04, so didn't require sudo.
Ok, lets enable it now, as in any case,
sudo is used within the script (so, the default sudo timeout should ensure that the password is in any case requested only once).
Thank you!

[kaiwan]

Ubuntu 20.10 onward has enabled CONFIG_SECURITY_DMESG_RESTRICT ! That's good for security
So we need to 'sudo' dmesg; thanks to @gregbuchholz for pointing this out