I filed this bug report downstream at: https://bugzilla.redhat.com/show_bug.cgi?id=1257322 and was asked to report upstream. Here we go :) Description of problem: Trying to find out serial number of computer without root permissions fails. In the directory: /sys/devices/virtual/dmi/id the files: board_serial chassis_serial product_serial provide that information, but they are not world-readable. Accessing the files fails for non-root users. Excluding product_uuid, all other files in the directory are world-readable. $ cat /sys/devices/virtual/dmi/id/{board_serial,chassis_serial,product_serial} cat: /sys/devices/virtual/dmi/id/...: Permission denied $ dmidecode -s system-serial-number /dev/mem: Permission denied Expected results: display serial numbers of computer Additional Info: What is the rational for making the files containing the serial numbers not world-readable? Alternative solution, that require root permissions for installation of programs, are listed at: http://stackoverflow.com/questions/20206474/extract-the-linux-serial-number-without-sudo
On Thu, Aug 27, 2015 at 07:16:54PM +0000, bugzilla-daemon@bugzilla.kernel.org wrote: > https://bugzilla.kernel.org/show_bug.cgi?id=103601 > > Bug ID: 103601 > Summary: reading computer serial number as non-root user not > possible This is as-designed, glad to see it works properly :)
I would like to understand the reasoning for the design, making the serial number not accessible for regular users. The document I found could not answer this: https://www.kernel.org/pub/linux/kernel/people/mochel/doc/papers/ols-2005/mochel.pdf Can you give me a pointer, please? Comparing to other operating systems: to retrieve the serial number you can execute as regular user in terminal: - in Windows 'wmic bios get serialnumber' - in Mac OS X 'system_profiler |grep "r (system)"' (faster: About This Mac -- Overview -- Serial Number)
On Wed, Sep 09, 2015 at 06:10:19AM +0000, bugzilla-daemon@bugzilla.kernel.org wrote: > I would like to understand the reasoning for the design, making the serial > number not accessible for regular users. As I was not the original author of the sysfs you are curious about, I have no idea. Or even if I was, I have no idea either, it was done a long time ago. > The document I found could not answer this: > > https://www.kernel.org/pub/linux/kernel/people/mochel/doc/papers/ols-2005/mochel.pdf That paper isn't going to detail the file permissions of each sysfs file, no paper will. > Can you give me a pointer, please? > > Comparing to other operating systems: > to retrieve the serial number you can execute as regular user in terminal: > - in Windows 'wmic bios get serialnumber' > - in Mac OS X 'system_profiler |grep "r (system)"' (faster: About This Mac -- > Overview -- Serial Number) Linux is a multi-user operating system, permissions are different for system-level things like this. Is this causing some sort of problem for users?
It is something between problem and inconvenience. My use case is (on the sending and the receiving side): user generated requests for help which contain basic information about hardware (manufacturer, model, and system serial number) Since the original reasoning seems to be lost in the course of time, we have to rely on current knowledge. Is there a risk making the files - that contain the system serial number - world readable?
Hello Greg, This issue is still actual. It's a problem for any system that collecting server inventory information (this is a typical function for many monitoring systems). I'm using zabbix, zabbix-agent runs under normal (non-root) user so it cannot collect server serial number so it is no possible to get server inventory without root privileges. I can not see any reason to limit non-root user from reading serial number of a server.