Comment 5 for bug 1258245

Generalized the title to include terminal devices (e.g. Linux virtual terminals) as well.

I'd like to see a better way to set this up. Yes, you can add the syslog user to the dialout and/or tty groups, but that grants access to *all* serial/terminal devices respectively. This can have security consequences if the syslog user is compromised, given that serial devices can include modems, and terminal devices would encompass tty-mode user login sessions.

The current situation is particularly awkward because /etc/rsyslog.d/50-default.conf contains a commented-out rule that directs logging to tty8. No mention is made of any permission issues. I wanted to do basically that, and was puzzled for a few minutes as to why nothing was appearing on the configured virtual terminal.