Permissions of devpts (/dev/pts)

Hello,
I have to setup a virtual terminal “socat”. it is for the serial - tcp converter “Netcom+413”.

My system is a Tumbleweed, with the latest updates.

To make this serial port available for ordinary user, which are in groups tty and dialtout,
I had to make a systemd unit file with the contents:


[Unit]
Description=Socat Service for Netcom0
Wants=network-online.target
After=network-online.target
  
[Service]
ExecStart=/usr/bin/socat -d -d pty,link=/dev/netcom0,raw,waitslave tcp:192.168.123.10:2021
Restart=always
RestartSec=10
  
[Install]
WantedBy=multi-user.target

However, then I have the problem, that the user cannot accesse it because he only has “R” permission. Only root has “RW” permission.

On the web, you can find the instrucation to add the following line to “/etc/fstab”:


devpts    /dev/pts    devpts    gid=5,mode=0666        0  0

However, this doesn’t help at all.

Also inserting


ExecStartPost=/bin/sleep 1 
ExecStartPost=/usr/bin/chmod 0666 /dev/netcom0

doesn#t do anything.

The only help right now is to MANUALLY issue the command:


sudo chmod 0660 /etc/netcom0

But this has to be done everytime after the application accessing /dev/netcom0 ends.

Can anybody help?

Thanks,
Johannes

Hi and welcome to the Forum :slight_smile:
Create a udev rule to set permissions since it’s a /dev (/etc/permissions.d file won’t work).

Here’s another approach, modify the permissions/ownership of the device directly.
Seems straightforward to me.

Although I haven’t actually done the following,
To my eye not just the primary solution but all the others should work… I don’t see anything that would be specific to systemd or SysVint.

https://unix.stackexchange.com/questions/14354/read-write-to-a-serial-port-without-root

Is an interesting concept…
I would ordinarily never consider granting less than root RW permission to a tty, but if access is restricted to a physical serial port, I suppose that would not compromise the system (If you have physical access, then nearly anything is possible). I’d just state the obvious warning… Be sure that the tty can’t be accessed some other way… especially by a network connection.

TSU

Hello,
while investigating how to make a udev rule, I stumbled about a post that gave a very easy solution:
In the unit file the ExecStart line must be:


ExecStart=/usr/bin/socat -d -d pty,link=/dev/netcom0,raw,waitslave,mode=660 tcp:192.168.123.10:2021

see the “mode=660” in the commandline. Obviously socat allows to add this information (also owner and group can be specified).

Thanks,
Johannes