[Bug 1258245] Re: syslog user can't write to serial or terminal devices
Daniel Richard G.
skunk at iskunk.org
Mon May 23 03:33:12 UTC 2016
Generalized the title to include terminal devices (e.g. Linux virtual
terminals) as well.
I'd like to see a better way to set this up. Yes, you can add the syslog
user to the dialout and/or tty groups, but that grants access to *all*
serial/terminal devices respectively. This can have security
consequences if the syslog user is compromised, given that serial
devices can include modems, and terminal devices would encompass tty-
mode user login sessions.
The current situation is particularly awkward because
/etc/rsyslog.d/50-default.conf contains a commented-out rule that
directs logging to tty8. No mention is made of any permission issues. I
wanted to do basically that, and was puzzled for a few minutes as to why
nothing was appearing on the configured virtual terminal.
** Summary changed:
- syslog user can't write to /dev/ttyS0
+ syslog user can't write to serial or terminal devices
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to rsyslog in Ubuntu.
syslog user can't write to serial or terminal devices
Status in rsyslog package in Ubuntu:
We configure a VM via libvirt to have a serial device(/dev/ttyS0) that
writes to a file on the host. During the desktop install we have some
early preseed logic that adds an /etc/rsyslog.d config file that
directs syslog messages to /dev/ttyS0. Under recent images, nothing is
showing up in the file on the host end. For a quick sanity check I ran
the following command in the VM:
echo ANDY > /dev/ttyS0
This works when done as root, but won't work when run as the syslog
user. Digging a little more I see rsyslogd runs as syslog (which is in
the syslog and adm groups) and ttyS0 is writeable to root and dialout.
This is based on today's image with includes rsyslog 7.4.4-1ubuntu2
To manage notifications about this bug go to:
More information about the foundations-bugs