[ubuntu-hardened] dmesg restrict.

Jamie Strandboge jamie at canonical.com
Tue Dec 18 20:43:08 UTC 2012

On 12/18/2012 01:28 PM, daniel curtis wrote:
> Hi,
> Ubuntu offers an interesting option to restrict dmesg? It is available
> via /proc/sys/kernel/dmesg_restrict, but the default setting is: *0*.
> Is there any way to enable it - change to *1*? When I'm trying to do
> it using sudo, I've got an error:
> /proc/sys/kernel/dmesg_restrict: Permission denied

I'm guessing you tried to do this by echoing '1' into the file:
$ sudo echo 1 > /proc/sys/kernel/dmesg_restrict
bash: /proc/sys/kernel/dmesg_restrict: Permission denied

This is because the sudo only applied to the 'echo', not to the file you
were trying to write to. To do what you want, do:

$ sudo sh -c 'echo 1 > /proc/sys/kernel/dmesg_restrict'
$ cat /proc/sys/kernel/dmesg_restrict

Alternatively, you can use sysctl:
$ sysctl kernel.dmesg_restrict
kernel.dmesg_restrict = 0
$ sudo sysctl -w kernel.dmesg_restrict=1
kernel.dmesg_restrict = 1

To make your change persistent across reboot, create/edit a file in
/etc/sysctl.d/. See /etc/sysctl.d/README for details.

Jamie Strandboge                 http://www.ubuntu.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20121218/dc731bdd/attachment.pgp>

More information about the ubuntu-hardened mailing list