bug script: Optionally use sudo to read a restricted kernel log

If kernel.dmesg_restrict is enabled (which it now will be by default) and sudo is installed, ask whether to use sudo. If this is denied or fails then fall back to writing a placeholder in the bug report.
2016-10-07 03:00:03 +01:00 · 2016-10-07 03:00:03 +01:00 · 8645d4069f
parent f3b836ba7c
commit 8645d4069f
2 changed files with 12 additions and 1 deletions
--- a/debian/changelog
+++ b/debian/changelog
@ -21,6 +21,8 @@ linux (4.8-1~exp1) UNRELEASED; urgency=medium
  * Compile with gcc-6 on all architectures
  * security,printk: Enable SECURITY_DMESG_RESTRICT, preventing non-root users
    reading the kernel log by default (sysctl: kernel.dmesg_restrict)
+  * bug script: Optionally use sudo to read a restricted kernel log, and fall
+    back to writing a placeholder

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 01 Oct 2016 21:51:33 +0100

--- a/debian/templates/image.bug/include-dmesg
+++ b/debian/templates/image.bug/include-dmesg
@ -1,6 +1,15 @@
 add_dmesg() {
+  local got_log=
  echo '** Kernel log:' >&3
-  dmesg | tail -n 100 >&3
+  if [ "$(cat /proc/sys/kernel/dmesg_restrict)" = 0 ]; then
+    dmesg > >(tail -n 100 >&3) && got_log=y
+  elif command -v sudo >/dev/null; then
+    yesno "Use sudo to read the kernel log? " yep
+    if [ "$REPLY" = yep ]; then
+      sudo dmesg > >(tail -n 100 >&3) && got_log=y
+    fi
+  fi
+  test "$got_log" || echo 'Unable to read kernel log; any relevant messages should be attached' >&3
  echo >&3
 }