[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2019-06-26 Thread Andrew Goodbody
Very disappointed to see this is marked as 'Wont fix'. It is pointless security theatre and is breaking useful things. In my case it is libguestfs. Please reconsider -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu.

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2019-05-17 Thread Alkis Georgopoulos
This forces us to run tftpd as root, to serve $CHROOT/boot to netboot clients, so it's actually LESS secure than it was before the change. Applying the stat workaround isn't always easy; sometimes $CHROOT/boot comes from a read-only loopback image. Also note that initrd.img, which may actually

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2019-03-06 Thread Stefan Heinzmann
Would it be possible to make the kernel readable by a special group (i.e. "kernel-readers"), which Ubuntu-distros could have installed by default? In this case it would suffice to make users member of this group, if they want to use tools that need kernel read access. Or would that somehow

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2019-01-29 Thread Jarl
A consequence of the design decision to prevent read-access for users is that a bug has emerged in libguestfs: https://bugs.launchpad.net/ubuntu/+source/libguestfs/+bug/1813662 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2018-06-15 Thread Ciro Santilli 六四事件 法轮功
$ sudo dpkg-statoverride --add root root 0644 /boot/vmlinux-$(uname -r) dpkg-statoverride: error: --add needs four arguments only updated for a single kernel, and apparently not the one virt-make- fs is using. I then did: sudo chmod +r /boot/vmlinuz-* and virt-make-fs was happy. -- You

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2018-03-30 Thread Jason Heeris
Does this mean there is now no non-root way to extract files from filesystem images? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/759725 Title: The kernel is no longer readable by

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2017-03-16 Thread Velkan
Why guestmount can't work out of box? That was a perfect userspace option to get a loop device to test out-of-space errors. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/759725 Title:

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2016-11-30 Thread Andrea Frittoli
The correct override command is: sudo dpkg-statoverride --add --update root root 0644 /boot/vmlinuz-$(uname -r) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/759725 Title: The kernel

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2016-07-08 Thread Mathew Hodson
** No longer affects: hobbit-plugins (Ubuntu) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/759725 Title: The kernel is no longer readable by non-root users Status in linux package in

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2015-07-22 Thread god
As of 15.04 this embarrassing security theatre is still in place. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/759725 Title: The kernel is no longer readable by non-root users Status

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2015-04-27 Thread Thiago Martins
Any news on this? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/759725 Title: The kernel is no longer readable by non-root users Status in hobbit-plugins package in Ubuntu: In

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2014-10-28 Thread Chris Jeker
I changed the following under Ubuntu 14.10: File /usr/lib/xymon/client/ext/libs 69c69 my $kernel_image_read_command = strings '$newest_kernel_image'; --- my $kernel_image_read_command = $SUDO strings '$newest_kernel_image'; ext$ ./libs strings: /boot/vmlinuz-3.16.0-23-generic: Permission denied

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2014-05-23 Thread god
Is it possible to change vmlinuz permissions so it's readable by members of special group (libguestfs)?. This way admins could locally fix this by design stupidity easily for affected users instead of forcing maintainers for all the affected packages to supply statoverride scripts. -- You

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2014-05-14 Thread Axel Beckert
** Also affects: hobbit-plugins (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/759725 Title: The kernel is no longer readable by

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2014-05-14 Thread Launchpad Bug Tracker
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: hobbit-plugins (Ubuntu) Status: New = Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu.

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2014-05-14 Thread Axel Beckert
** Changed in: hobbit-plugins (Ubuntu) Status: Confirmed = In Progress ** Changed in: hobbit-plugins (Ubuntu) Assignee: (unassigned) = Axel Beckert (xtaran) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu.

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2014-05-13 Thread Axel Beckert
This also affects monitoring tools like e.g. the libs test in hobbit- plugins which compare the running kernel version to the one on disk. These tests don't run as root as they don't need to. Now they need elevated privileges just do this check... :-/ -- You received this bug notification

[Kernel-packages] [Bug 759725] Re: The kernel is no longer readable by non-root users

2014-04-27 Thread Thiago Martins
Since the vmlinuz-X.WY.Z-X-generic can be easily downloaded from the Internet, this by design change makes Ubuntu less useful. Ubuntu needs to make IT things (Linux) better for humans, not worse... :-/ This is also afecting OpenStack... Reference: