Why was brltty added to root group after updating?

Hello,

After running an update, changes on the /etc/groupfile was flagged.

[16:24:32] Info: Starting test name 'group_changes'
[16:24:32]   Checking for group file changes                 [ Warning ]
[16:24:32] Warning: Changes found in the group file for group 'root':
[16:24:32]          User 'brltty' has been added to the group
[16:24:32] Warning: Changes found in the group file for group 'tty':
[16:24:32]          User 'brltty' has been added to the group
[16:24:32] Warning: Changes found in the group file for group 'audio':
[16:24:33]          User 'brltty' has been added to the group
[16:24:33] Warning: Changes found in the group file for group 'dialout':
[16:24:33]          User 'brltty' has been added to the group
[16:24:33] Warning: Changes found in the group file for group 'input':
[16:24:33]          User 'brltty' has been added to the group
[16:24:33] Warning: Changes found in the group file for group 'brlapi':
[16:24:33]          User 'brltty' has been added to the group
[16:24:33] Warning: Changes found in the group file for group 'pulse-access':
[16:24:33]          User 'brltty' has been added to the group
[16:24:34] Warning: Group 'brltty' has been added to the group file.

What immediately concerned me was that it was added to the root group. I did a cat /etc/group | grep -i brltty to confirm this:

u@localhost:~> cat /etc/group | grep -i brltty
root:x:0:brltty
tty:x:5:brltty
audio:x:490:pulse,brltty
dialout:x:488:brltty
input:x:486:brltty
brlapi:x:479:brltty
pulse-access:x:473:brltty
brltty:x:454:

Checked man brltty and it says it’s a daemon for Braille. Nothing rather useful to investigate why that thing was added to the root group.

Can someone help confirm if this is normal? If it is, maybe a little explanation would be useful as well for future reference.

Disclaimer: I did a search for brltty rootusing Duck Duck Go, the openSUSE Wiki pages and also this forum (to see if someone already asked about this) and did not find anything useful to aid my own investigation, so I ended up posting here to ask. Just throwing it out there that I spent some time doing some research before asking since (in my experience) there are people here who post their reply without minding their manners just to point out that you missed what they would call “basic” when it was just a case of being in a hurry.

Thanks in advance for those who would bother to answer while minding their manners.

Two questions here:

Was “an update” rather recent?

You post output without posting the command you used to get it.

Here

henk@boven:~> grep brltty /etc/group
henk@boven:~> 

but I only updated 2023-09-19.

@hcvv The groups are only changed if you have/had brltty installed

Really ? Blind administrators are not allowed to use linux?

BRLTTY is a background process (daemon) which provides access to the Linux/Unix console (when in text mode) for a blind person using a refreshable braille display. It drives the braille display and provides complete screen review functionality.

and:

system-user-brltty - System user and group named brltty
System user for the Braille display driver for Linux/Unix

But the OP never mentioned that he had done that.

My last update was before your 09-19 update.

I went back to an old post of mine. I suppose that thing was installed back then when I upgraded to 15.4.

https://forums.opensuse.org/t/rkhunter-returned-warnings-after-upgrading-to-15-4/152430

What’s up with taking my statement out of context? I never said anything about blind people not having the right to use Linux.

Just to be clear, what I am concerned about is user accounts suddenly getting added to the rootgroup, because I am concerned of unnecessary permissions being granted to certain accounts by way of inheritance which may translate to security risks. There is no discrimination going on here, so can you please stop making an issue out of thin air @hui ?

So based on some replies which were useful, I did:

@localhost:~> zypper search -d braille
Loading repository data...
Reading installed packages...

S | Name                            | Summary                       | Type
--+---------------------------------+-------------------------------+-----------
  | brlapi-devel                    | Library to use BRLTTY from -> | package
  | brlapi-java                     | Library to use BRLTTY from -> | package
  | brlemu                          | Emulates a braille display    | package
i | brltty                          | Braille display driver for -> | package
  | brltty                          | Braille display driver for -> | srcpackage
i | brltty-driver-at-spi2           | AT-SPI 2 driver for BRLTTY    | package
i | brltty-driver-brlapi            | BrlAPI driver for BRLTTY      | package
  | brltty-driver-espeak            | ESpeak driver for BRLTTY      | package
  | brltty-driver-libbraille        | Libbraille driver for BRLTTY  | package

[output clipped for brevity]

Based on the output of brltty, just do zypper remove brlttyand this will all go away, yes?

Btw there is a difference between a user account and a system user…so it should be logical why a system user gets elevated rights.

If you remove brltty you also need to remove the system user brltty…

Alright. At least you didn’t take my statement out of context this time, which resulted into something useful.

Thank you.