Users in groups 'adm' and 'systemd-journal' can access all logs.
xnox@chita:~$ journalctl -k
Hint: You are currently not seeing messages from other users and the system.
Users in groups 'adm', 'systemd-journal' can see all messages.
Pass -q to turn off this notice.
-- No entries --
xnox@chita:~$ id xnox
uid=1000(xnox) gid=1000(xnox) groups=1000(xnox),27(sudo),110(lxd)
xnox@chita:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.2 LTS
Release: 16.04
Codename: xenial
Thus mere mortal users, not in the adm group cannot read dmesg.
To further limit this, you need to copy /usr/lib/tmpfiles.d/systemd.conf
into /etc/tmpfiles.d/ and remove the access you do not like. E.g. remove
the pagaragph about adm group.
** Changed in: systemd (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1698144
Title:
"journalctl -k" doesn't respect kernel.dmesg_restrict
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1698144/+subscriptions
--
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
