Comment 0 for bug 1890177

The Privilege Drop options ($PrivDrop*) in focal's rsyslog both point to 'syslog' for the user and group, and don't match the ownership/permission of '/dev/console' generating the following:

syslog:Aug 3 15:16:58 <HOSTNAME> rsyslogd: file '/dev/console': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ]

Looking in Bionic/18.04LTS, '/dev/console' used to be root:syslog[1], nowadays it's root:tty[2]

[1] - Bionic/18.04LTS (Gcloud instance)
# ls -l /dev/console
crw--w---- 1 root syslog 5, 1 Aug 3 15:17 /dev/console

[2] - Focal/20.04LTS (Gcloud instance)
# ls -l /dev/console
crw--w---- 1 root tty 5, 1 Aug 3 17:19 /dev/console

# /etc/rsyslog.conf
$PrivDropToUser syslog
$PrivDropToGroup syslog

** As a debug exercise I did the following:
- Cannot reproduce the situation if I intentionally get rid of the PrivDrop* options.
- Cannot reproduce the situation if I intentionally add 'syslog' user member of 'tty' group.

Other bug:
https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889