http://bugzilla.suse.com/show_bug.cgi?id=1004049 Bug ID: 1004049 Summary: /usr/bin/socat ... openpty() is not allowd to do chown of resulting /dev/pts/ device Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.1 Hardware: All OS: openSUSE 42.1 Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: werner@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Even with apparmor disabled I see in the strace close(8) = 0 close(7) = 0 chown("/dev/pts/8", 223, 5) = -1 EPERM (Operation not permitted) close(6) = 0 which makes this tool useless for normal users. Beside this: why we do have setcap/getcap installed by default? With this we would be able to set permissions based on capabilities for tools like setcap and ping, ping6, ... in the %post install section of the rpm of the affected tools -- You are receiving this mail because: You are on the CC list for the bug.