[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: rsyslog (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: Confirmed Status in rsyslog source package in Focal: Fix Released Bug description: [Impact] At the moment rsyslog cannot have access /dev/console due to a mismatch permission/ownership between '/dev/console' and the Privilege Drop User and Group 'syslog' in rsyslog. [Test Case] * Deploy focal/20.04LTS (tested in gcloud instance) * Install rsyslog * systemctl restart rsyslog OR systemctl restart rsyslog * Inspect /var/log/syslog for the following error: syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] [Regression potential] https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/comments/4 [Other information] Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 [Original description] The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
This bug was fixed in the package rsyslog - 8.2001.0-1ubuntu1.1 --- rsyslog (8.2001.0-1ubuntu1.1) focal; urgency=medium * d/rsyslog.postinst: (LP: #1890177) - Fix Permission denied access to /dev/console for privilege drop user and group syslog:syslog. -- Eric Desrochers Tue, 04 Aug 2020 16:19:46 + ** Changed in: rsyslog (Ubuntu Focal) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: Fix Released Bug description: [Impact] At the moment rsyslog cannot have access /dev/console due to a mismatch permission/ownership between '/dev/console' and the Privilege Drop User and Group 'syslog' in rsyslog. [Test Case] * Deploy focal/20.04LTS (tested in gcloud instance) * Install rsyslog * systemctl restart rsyslog OR systemctl restart rsyslog * Inspect /var/log/syslog for the following error: syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] [Regression potential] https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/comments/4 [Other information] Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 [Original description] The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
** Tags removed: verification-needed verification-needed-focal ** Tags added: verification-done verification-done-focal -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: Fix Committed Bug description: [Impact] At the moment rsyslog cannot have access /dev/console due to a mismatch permission/ownership between '/dev/console' and the Privilege Drop User and Group 'syslog' in rsyslog. [Test Case] * Deploy focal/20.04LTS (tested in gcloud instance) * Install rsyslog * systemctl restart rsyslog OR systemctl restart rsyslog * Inspect /var/log/syslog for the following error: syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] [Regression potential] https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/comments/4 [Other information] Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 [Original description] The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
Looks like the fix works. Two rotations happened since I installed the update and we've had no errors since then. Thanks again, Zach -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: Fix Committed Bug description: [Impact] At the moment rsyslog cannot have access /dev/console due to a mismatch permission/ownership between '/dev/console' and the Privilege Drop User and Group 'syslog' in rsyslog. [Test Case] * Deploy focal/20.04LTS (tested in gcloud instance) * Install rsyslog * systemctl restart rsyslog OR systemctl restart rsyslog * Inspect /var/log/syslog for the following error: syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] [Regression potential] https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/comments/4 [Other information] Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 [Original description] The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
@zack You could wait until the logrotate happen and restart rsyslog or you could simply do manual restart using 'systemctl restart rsyslog' and then look in /var/log/syslog. What triggers the error is at rsyslog startup from what I have notice during my test. - Eric -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: Fix Committed Bug description: [Impact] At the moment rsyslog cannot have access /dev/console due to a mismatch permission/ownership between '/dev/console' and the Privilege Drop User and Group 'syslog' in rsyslog. [Test Case] * Deploy focal/20.04LTS (tested in gcloud instance) * Install rsyslog * systemctl restart rsyslog OR systemctl restart rsyslog * Inspect /var/log/syslog for the following error: syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] [Regression potential] https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/comments/4 [Other information] Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 [Original description] The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
@zack You could wait until the logrotate happen that will then restart rsyslog itself or you could simply do a manual restart using 'systemctl restart rsyslog' and then look in /var/log/syslog. What triggers the error is at rsyslog startup from what I have notice during my test. - Eric -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: Fix Committed Bug description: [Impact] At the moment rsyslog cannot have access /dev/console due to a mismatch permission/ownership between '/dev/console' and the Privilege Drop User and Group 'syslog' in rsyslog. [Test Case] * Deploy focal/20.04LTS (tested in gcloud instance) * Install rsyslog * systemctl restart rsyslog OR systemctl restart rsyslog * Inspect /var/log/syslog for the following error: syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] [Regression potential] https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/comments/4 [Other information] Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 [Original description] The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
I've installed the proposed package on an affected system. I think this only affects us after a log rotation, so will let it sit over the weekend and report back on Monday. Thank you for the patch. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: Fix Committed Bug description: [Impact] At the moment rsyslog cannot have access /dev/console due to a mismatch permission/ownership between '/dev/console' and the Privilege Drop User and Group 'syslog' in rsyslog. [Test Case] * Deploy focal/20.04LTS (tested in gcloud instance) * Install rsyslog * systemctl restart rsyslog OR systemctl restart rsyslog * Inspect /var/log/syslog for the following error: syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] [Regression potential] https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/comments/4 [Other information] Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 [Original description] The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
I have retried the autpkgtest test on ppc64el. It is failing on 'systemd-fsckd'. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: Fix Committed Bug description: [Impact] At the moment rsyslog cannot have access /dev/console due to a mismatch permission/ownership between '/dev/console' and the Privilege Drop User and Group 'syslog' in rsyslog. [Test Case] * Deploy focal/20.04LTS (tested in gcloud instance) * Install rsyslog * systemctl restart rsyslog OR systemctl restart rsyslog * Inspect /var/log/syslog for the following error: syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] [Regression potential] https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/comments/4 [Other information] Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 [Original description] The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
I have retry the test, it is failing on 'systemd-fsckd'. Let's see. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: Fix Committed Bug description: [Impact] At the moment rsyslog cannot have access /dev/console due to a mismatch permission/ownership between '/dev/console' and the Privilege Drop User and Group 'syslog' in rsyslog. [Test Case] * Deploy focal/20.04LTS (tested in gcloud instance) * Install rsyslog * systemctl restart rsyslog OR systemctl restart rsyslog * Inspect /var/log/syslog for the following error: syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] [Regression potential] https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/comments/4 [Other information] Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 [Original description] The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
Hello Eric, or anyone else affected, Accepted rsyslog into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/rsyslog/8.2001.0-1ubuntu1.1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-focal. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: rsyslog (Ubuntu Focal) Status: In Progress => Fix Committed ** Tags added: verification-needed verification-needed-focal -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: Fix Committed Bug description: [Impact] At the moment rsyslog cannot have access /dev/console due to a mismatch permission/ownership between '/dev/console' and the Privilege Drop User and Group 'syslog' in rsyslog. [Test Case] * Deploy focal/20.04LTS (tested in gcloud instance) * Install rsyslog * systemctl restart rsyslog OR systemctl restart rsyslog * Inspect /var/log/syslog for the following error: syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] [Regression potential] https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/comments/4 [Other information] Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 [Original description] The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
** Description changed: [Impact] At the moment rsyslog cannot have access /dev/console due to a mismatch permission/ownership between '/dev/console' and the Privilege Drop User and Group 'syslog' in rsyslog. [Test Case] - * Deploy focal/20.04LTS + * Deploy focal/20.04LTS (tested in gcloud instance) * Install rsyslog * systemctl restart rsyslog OR systemctl restart rsyslog * Inspect /var/log/syslog for the following error: syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] [Regression potential] https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/comments/4 [Other information] Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 [Original description] The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: In Progress Bug description: [Impact] At the moment rsyslog cannot have access /dev/console due to a mismatch permission/ownership between '/dev/console' and the Privilege Drop User and Group 'syslog' in rsyslog. [Test Case] * Deploy focal/20.04LTS (tested in gcloud instance) * Install rsyslog * systemctl restart rsyslog OR systemctl restart rsyslog * Inspect /var/log/syslog for the following error: syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] [Regression potential] https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/comments/4 [Other information] Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 [Original description] The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
Thanks @sil2100 for your pre-approval comment. I have uploaded it into focal upload queue. It is now waiting for the official SRU team approval in order to start building in focal-proposed for the verification test phase. - Eric -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: In Progress Bug description: [Impact] At the moment rsyslog cannot have access /dev/console due to a mismatch permission/ownership between '/dev/console' and the Privilege Drop User and Group 'syslog' in rsyslog. [Test Case] * Deploy focal/20.04LTS (tested in gcloud instance) * Install rsyslog * systemctl restart rsyslog OR systemctl restart rsyslog * Inspect /var/log/syslog for the following error: syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] [Regression potential] https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/comments/4 [Other information] Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 [Original description] The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
** Description changed: + [Impact] + + At the moment rsyslog cannot have access /dev/console due to a mismatch + permission/ownership between '/dev/console' and the Privilege Drop User + and Group 'syslog' in rsyslog. + + [Test Case] + + * Deploy focal/20.04LTS + * Install rsyslog + * systemctl restart rsyslog OR systemctl restart rsyslog + * Inspect /var/log/syslog for the following error: + syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] + + [Regression potential] + + https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/comments/4 + + [Other information] + + [Original description] + The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 ** Description changed: [Impact] At the moment rsyslog cannot have access /dev/console due to a mismatch permission/ownership between '/dev/console' and the Privilege Drop User and Group 'syslog' in rsyslog. [Test Case] * Deploy focal/20.04LTS * Install rsyslog * systemctl restart rsyslog OR systemctl restart rsyslog * Inspect /var/log/syslog for the following error: syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] [Regression potential] https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/comments/4 [Other information] + + Other bug: + https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 [Original description] The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: In Progress Bug description: [Impact] At the moment rsyslog cannot have access /dev/console due to a mismatch permission/ownership between '/dev/console' and the Privilege Drop User and Group 'syslog' in rsyslog. [Test Case] * Deploy focal/20.04LTS * Install rsyslog * systemctl restart rsyslog OR systemctl restart rsyslog * Inspect /var/log/syslog for the following error: syslog:Aug 4 14:37:56 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ]
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
** Changed in: rsyslog (Ubuntu Focal) Status: New => In Progress ** Changed in: rsyslog (Ubuntu Focal) Importance: Undecided => Medium ** Changed in: rsyslog (Ubuntu Focal) Assignee: (unassigned) => Eric Desrochers (slashd) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: In Progress Bug description: The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
Ok, thinking about it for a moment, I can't actually think of a way how this could have any adverse effects. rsyslog is anyway a very privileged thing (just by checking the capabilities), so adding it to tty should not really have any effect (as it already is meant to have rw access to tty's). Maybe I'm missing something here, but so far this feels safe. As for the SRUability of that, I think this does count as a bugfix so in theory should be SRU material. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: New Bug description: The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
One easy fix would possibly be the following: # debian/rsyslog.postinst case "$1" in configure) adduser --system --group --no-create-home --quiet syslog || true adduser syslog adm || true +adduser syslog tty || true I have tested it in a PPA, and it works just fine: Preparing to unpack .../rsyslog_8.2001.0-1ubuntu1+test2020307b1_amd64.deb ... Unpacking rsyslog (8.2001.0-1ubuntu1+test2020307b1) over (8.2001.0-1ubuntu1) ... Setting up rsyslog (8.2001.0-1ubuntu1+test2020307b1) ... The user `syslog' is already a member of `adm'. Adding user `syslog' to group `tty' ... ==> Adding user syslog to group tty <== Done. Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd Processing triggers for man-db (2.9.1-1) ... Processing triggers for systemd (245.4-4ubuntu3.1) ... # /etc/group tty:x:5:syslog -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: New Bug description: The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
https://wiki.debian.org/SystemGroups tty: TTY devices are owned by this group. This is used by write and wall to enable them to write to other people's TTYs, but it is not intended to be used directly. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: New Bug description: The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1890177] Re: rsyslogd: file '/dev/console': open error: Permission denied
One easy fix would possibly be the following: # debian/rsyslog.postinst case "$1" in configure) adduser --system --group --no-create-home --quiet syslog || true adduser syslog adm || true +adduser syslog tty || true I'll give it a try and test. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1890177 Title: rsyslogd: file '/dev/console': open error: Permission denied Status in rsyslog package in Ubuntu: New Status in rsyslog source package in Focal: New Bug description: The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following: syslog:Aug 3 15:16:58 rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2] [1] - Bionic/18.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root syslog 5, 1 Aug 3 15:17 /dev/console [2] - Focal/20.04LTS (Gcloud instance) # ls -l /dev/console crw--w 1 root tty 5, 1 Aug 3 17:19 /dev/console # /etc/rsyslog.conf $PrivDropToUser syslog $PrivDropToGroup syslog ** As a debug exercise I did the following: - Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options. - Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group. Meaning that it's pretty obvious with the above statement that the permission denied is caused by the permission/ownership mismatch between '/dev/console' 's ownership permission & syslog user (PrivDropTo[User|Group]). Other bug: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp