[BRLTTY] Console open error on recent Arch Linux

Aura Kelloniemi kaura.dev at sange.fi
Wed Oct 1 08:13:15 UTC 2025 

Hi,

On 2025-09-30 at 14:13 -0400, Dave Mielke <Dave at mielke.cc> wrote:
 > [quoted lines by Aura Kelloniemi on 2025/09/29 at 23:02 +0300]

 > >1) It still reports "no screen".

 > No one else is having this problem. There's clearly something unique about
 > your system and/or your brltty installation.

Perhaps my explanation has been unclear. Let me try again:

BRLTTY is unable to access console on my system, because /dev/tty0 is
accessible only by the root user, its mode is 0600 and ownership root:tty.

I'm running kernel 6.16.9-arch1-1 and there are no udev rules which affect
permissions of my /dev/tty0, so it seems these permissions are the kernel
default.

If brltty is not running at root, there is no chance that it could access
/dev/tty0.

This is confirmed by the debug log that I sent attached to my first message in
this thread. I will reattach the same log into this message.

 > >2)  Every time I connect my braille display using USB, it starts a
 > >    new BRLTTY instance. I cannot use BrlAPI applications with this instance.

 > Yes. Since the udev mechanism can start several instances, and since they
 > can't all serve the same brlapi port, this would need special
 > configuration.

This is a separate topic I hopefully have time to return to shortly in a new
thread.

 > >Also I wonder whether there is a better way to give BRLTTY accewss to devices
 > >than changing the permissions of the device node. Changes to device
 > >permissions will last even if BRLTTY is stopped. In case system user IDs
 > >change (e.g. due to package removals/installs) it may be that some process
 > >unintentionally gains access to some devices.

 > I'm open to ideas. Also, just to be sure that no one misunderstands, the
 > actual node permissions aren't changed. ACLs are added that grant access
 > specifically to the brltty user.

Would this work?

1) Start BRLTTY as root.
2) unshare. Detach from the common mounts namespace.
3) Mount private tmpfs. Only BRLTTY process has access to this file system.
4) Create necessary device nodes in this private file system. Not all device
nodes need to be created, only those for which cannot be accessed from /dev
directly.
5) Switch user to brltty and drop all privileges.
6) Once BRLTTY exits or is killed, the mount namespace becomes empty and the
tmpfs is cleaned up.

-- 
Aura

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: brltty-priv-error.log
URL: <http://brltty.app/pipermail/brltty/attachments/20251001/78f3a821/attachment.log>

More information about the BRLTTY mailing list