Since recently Debian has changed the default behavior for dmesg and I cannot use it simply from my local user.
% dmesg dmesg: read kernel buffer failed: Operation not permitted
Same goes for:
% cat /dev/kmsg cat: /dev/kmsg: Operation not permitted
Starring at the bug tracker this lead to:
How do I change this behavior back to the previous one, where local user are allowed to use dmesg. I could not find a particular group for it (eg. sudoers or something like that).
Answer
So it was actually trivial, looking at the very last message from the bug report:
Part of the changelog from the aforementioned kernel: * security,printk: Enable SECURITY_DMESG_RESTRICT, preventing non-root users reading the kernel log by default (sysctl: kernel.dmesg_restrict)
So the solution is simply to run once:
% sudo sysctl kernel.dmesg_restrict=0 kernel.dmesg_restrict = 0
Then your local user can start using dmesg again. This apply to any user, instead of a group which I initially assumed.
Everything is back to what I wanted:
% dmesg|wc 1307 11745 93652
and
% cat /dev/kmsg|head|wc
10 82 857
And to make it persists across reboots, simply save it as conf file:
$ cat /etc/sysctl.d/10-local.conf kernel.dmesg_restrict = 0