[Bug 1258245] Re: syslog user can't write to serial or terminal devices

Daniel Richard G. skunk at iskunk.org
Mon May 23 03:33:12 UTC 2016

Generalized the title to include terminal devices (e.g. Linux virtual
terminals) as well.

I'd like to see a better way to set this up. Yes, you can add the syslog
user to the dialout and/or tty groups, but that grants access to *all*
serial/terminal devices respectively. This can have security
consequences if the syslog user is compromised, given that serial
devices can include modems, and terminal devices would encompass tty-
mode user login sessions.

The current situation is particularly awkward because
/etc/rsyslog.d/50-default.conf contains a commented-out rule that
directs logging to tty8. No mention is made of any permission issues. I
wanted to do basically that, and was puzzled for a few minutes as to why
nothing was appearing on the configured virtual terminal.

** Summary changed:

- syslog user can't write to /dev/ttyS0
+ syslog user can't write to serial or terminal devices

You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to rsyslog in Ubuntu.

  syslog user can't write to serial or terminal devices

Status in rsyslog package in Ubuntu:

Bug description:
  We configure a VM via libvirt to have a serial device(/dev/ttyS0) that
  writes to a file on the host. During the desktop install we have some
  early preseed logic that adds an /etc/rsyslog.d config file that
  directs syslog messages to /dev/ttyS0. Under recent images, nothing is
  showing up in the file on the host end. For a quick sanity check I ran
  the following command in the VM:

   echo ANDY > /dev/ttyS0

  This works when done as root, but won't work when run as the syslog
  user. Digging a little more I see rsyslogd runs as syslog (which is in
  the syslog and adm groups) and ttyS0 is writeable to root and dialout.

  This is based on today's image with includes rsyslog 7.4.4-1ubuntu2

To manage notifications about this bug go to:

More information about the foundations-bugs mailing list