[Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied

Eric Desrochers 1890177 at bugs.launchpad.net
Mon Aug 3 18:08:19 UTC 2020 

https://wiki.debian.org/SystemGroups

tty: TTY devices are owned by this group. This is used by write and wall
to enable them to write to other people's TTYs, but it is not intended
to be used directly.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to rsyslog in Ubuntu.
https://bugs.launchpad.net/bugs/1890177

Title:
  rsyslogd: file '/dev/console': open error: Permission denied

Status in rsyslog package in Ubuntu:
  New
Status in rsyslog source package in Focal:
  New

Bug description:
  The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point
  to 'syslog' for the user and group, and don't match the
  ownership/permission of '/dev/console' generating the following:

  syslog:Aug  3 15:16:58 <HOSTNAME> rsyslogd: file '/dev/console': open
  error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433
  ]

  Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1],
  nowadays it's root:tty[2]

  [1] - Bionic/18.04LTS (Gcloud instance)
  # ls -l /dev/console
  crw--w---- 1 root syslog 5, 1 Aug  3 15:17 /dev/console

  [2] - Focal/20.04LTS (Gcloud instance)
  # ls -l /dev/console
  crw--w---- 1 root tty 5, 1 Aug  3 17:19 /dev/console

  # /etc/rsyslog.conf
  $PrivDropToUser syslog
  $PrivDropToGroup syslog

  ** As a debug exercise I did the following:
  - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options.
  - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group.

  Meaning that it's pretty obvious with the above statement that the
  permission denied is caused by the permission/ownership mismatch
  between '/dev/console' 's ownership permission & syslog user
  (PrivDropTo[User|Group]).

  Other bug:
  https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions

More information about the foundations-bugs mailing list