Open fpusersuggest opened 3 years ago
Looks a new security feature of the kernel.
Can you upload a dmesg log after running the insmod command?
nov 29 23:58:36 mypc sudo[47281]: pam_unix(sudo:auth): Couldn't open /etc/securetty: No such file or directory
nov 29 23:58:38 mypc sudo[47281]: pam_unix(sudo:auth): Couldn't open /etc/securetty: No such file or directory
nov 29 23:58:38 mypc sudo[47281]: myusername : TTY=pts/5 ; PWD=/home/myusername/forensics/lime/LiME/src ; USER=root ; COMMAND=/usr/sbin/insmod lime-5.4.0-54-generic.ko path=/home/myusername/mydump.lime format=lime
nov 29 23:58:38 mypc sudo[47281]: pam_unix(sudo:session): session opened for user root by (uid=0)
nov 29 23:58:38 mypc sudo[47281]: pam_unix(sudo:session): session closed for user root
nov 29 23:58:38 mypc kernel: Lockdown: insmod: unsigned module loading is restricted; see man kernel_lockdown.7
EDIT: I'm sorry this is from syslog, only the lastline is both on syslog and dmesg.
Cool thanks! This will help me understand what's going on and build a test
Hello, I have one news, there is an ubuntu package called lime-forensics-dkms that contains lime, but this module does not have the issue. So that the best workaround for ubuntu users is install the deb package. The following is some information about the pkg:
$ apt show lime-forensics-dkms
Package: lime-forensics-dkms
Version: 1.9-1ubuntu0.2
Priority: optional
Section: universe/kernel
Source: lime-forensics
Origin: Ubuntu
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Original-Maintainer: Debian Security Tools <team+pkg-security@tracker.debian.org>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 53,2 kB
Provides: lime-forensics
Depends: dkms (>= 2.1.0.0)
Recommends: linux-headers-amd64 | linux-headers-686-pae | linux-headers-686 | linux-headers-arm64 | linux-headers-armmp | linux-headers-loongson-3 | linux-headers-marvell | linux-headers-octeon | linux-headers-powerpc64le | linux-headers-s390x | linux-headers
Suggests: volatility
Enhances: volatility
Homepage: https://github.com/504ensicsLabs/LiME
Download-Size: 13,3 kB
APT-Manual-Installed: yes
APT-Sources: http://archive.ubuntu.com/ubuntu focal-updates/universe amd64 Packages
maybe you can contact the maintainer to solve the problem.
Hello, I have the following problem to load the module:
Thank you.