[ubuntu-hardened] dmesg restrict.
Jamie Strandboge
jamie at canonical.com
Tue Dec 18 20:43:08 UTC 2012
On 12/18/2012 01:28 PM, daniel curtis wrote:
> Hi,
>
> Ubuntu offers an interesting option to restrict dmesg? It is available
> via /proc/sys/kernel/dmesg_restrict, but the default setting is: *0*.
> Is there any way to enable it - change to *1*? When I'm trying to do
> it using sudo, I've got an error:
>
> /proc/sys/kernel/dmesg_restrict: Permission denied
>
I'm guessing you tried to do this by echoing '1' into the file:
$ sudo echo 1 > /proc/sys/kernel/dmesg_restrict
bash: /proc/sys/kernel/dmesg_restrict: Permission denied
This is because the sudo only applied to the 'echo', not to the file you
were trying to write to. To do what you want, do:
$ sudo sh -c 'echo 1 > /proc/sys/kernel/dmesg_restrict'
$ cat /proc/sys/kernel/dmesg_restrict
1
Alternatively, you can use sysctl:
$ sysctl kernel.dmesg_restrict
kernel.dmesg_restrict = 0
$ sudo sysctl -w kernel.dmesg_restrict=1
kernel.dmesg_restrict = 1
To make your change persistent across reboot, create/edit a file in
/etc/sysctl.d/. See /etc/sysctl.d/README for details.
--
Jamie Strandboge http://www.ubuntu.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20121218/dc731bdd/attachment.pgp>
More information about the ubuntu-hardened
mailing list