can't see non-root writes to /dev/console

Carlos A. M. dos Santos unixmania at gmail.com
Sun Oct 12 22:16:39 PDT 2008 

On Wed, Sep 10, 2008 at 11:54 PM, Carlos A. M. dos Santos
<unixmania at gmail.com> wrote:
> On Wed, Sep 10, 2008 at 5:34 PM, Jeff Blank <jb000002 at mr-happy.com> wrote:
>> I just upgraded a RELENG_7 (amd64) box from 20080714 to "latest"
>> (which seems to be from a few days ago--no changes from Monday
>> morning's csup to today's) and can no longer see the effect of writing
>> to /dev/console as non-root.  When I log in using xdm, my user owns
>> /dev/console, mode 0622 (-rw--w--w-), and I start an 'xterm -C'.  But
>> when I, for example,
>>
>> echo foo > /dev/console
>>
>> I see nothing in the console xterm.  No error messages, and echo exits
>> 0.  If I su to root and do the same, I get 'foo' in the same console
>> xterm.  Syslog messages to /dev/console also appear, of course.  All
>> the above applies to xconsole as well, not just xterm.  I did
>> recompile xterm from 20080616 ports, but it didn't fix the issue
>> (didn't expect it to, as xterm clearly has no trouble attaching and
>> reading).  So my echo is getting lost in the kernel, I guess.
>>
>> Known problem?  Intentional change?  Something else?
>
> I have seen this problem since 6.x times and still on 7.x. I also
> noticed that if I send something to the console after xconsole starts
> then I can sned messages as an ordinary user. My workaround was
> modifying the Xsetup_0 script (I used xdm for login), adding a line
> with
>
>     (sleep 3; date >> "$dev_console") &
>
> just after starting xconsole.
>
> I didn't have time to set up a machine with 8-CURRENT yet, so I could
> not check if the new mp-safe tty implementation fixes this, either
> intentionally or by a fortunate side effect.

I took some time to look at this again. I'm using 8.0-CURRENT now
(GENERIC kernel), csup'ed and compiled yesterday. Xconsole is unable
to open the console even if my user & group own /dev/console and the
permissions are set to 0622. This happens because of the following
code in xconsole.c:

289     int on = 1;
290     if (ioctl (tty_fd, TIOCCONS, (char *) &on) != -1)
291         input = fdopen (pty_fd, "r");

The ioctl call fails (EPERM) because only superuser can use TIOCCONS,
regardless the ownership of the device. Using xterm with the "-C"
argument works because xterm is installed with the setuid flag bit on.
So the solution is "chmod +us  xconsole".

-- 
cd /usr/ports/sysutils/life
make clean

More information about the freebsd-stable mailing list