What could be the causes of "permission denied" for tty1?

Question

On my VPS server (Fedora 9), mingetty keeps respawning itself because of a "permission denied" error on tty[1-6], even though:

root# ls -la /dev/tty1
crw------- 1 root root 4, 1 Sep 19 14:22 /dev/tty1

Even weirder, this doesn't work:

root# cat </dev/tty1
bash: /dev/tty1: Permission denied

I am guessing this has something to do with the VM host, but both my VPS provider and I are out of ideas, and so is Google... Any clue as to why root cannot access a character device with root rw privileges?

Update: I've made sure SELinux has been disabled; yet, the issue is still there....

Update: The strace dump:

32399 rt_sigaction(SIGTSTP, {SIG_DFL}, {SIG_DFL}, 8) = 0
32399 rt_sigaction(SIGTTIN, {SIG_DFL}, {SIG_IGN}, 8) = 0
32399 rt_sigaction(SIGTTOU, {SIG_DFL}, {SIG_IGN}, 8) = 0
32399 rt_sigaction(SIGINT, {SIG_IGN}, {SIG_IGN}, 8) = 0
32399 rt_sigaction(SIGQUIT, {SIG_IGN}, {SIG_IGN}, 8) = 0
32399 rt_sigaction(SIGCHLD, {SIG_DFL}, {0x807b990, [], SA_RESTORER, 0xb7e7b708}, 8) = 0
32399 open("/dev/tty1", O_RDONLY|O_LARGEFILE) = -1 EACCES (Permission denied)
32399 open("/dev/tty1", O_RDONLY|O_LARGEFILE) = -1 EACCES (Permission denied)
32399 fstat64(2, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 1), ...}) = 0
32399 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7fe1000
32399 write(2, "bash: /dev/tty1: Permission deni"..., 35) = 35

Can't say it's making much sense to me...

Answer 1

I suspect that SELinux may be the problem. Try temporarily disabling it to see if it works.

Answer 2

I dont have an exact answer, but I have a suggestion.

Use ltrace and strace to get an impression of what is used "under the hood" like this:

strace -f -o LOG bash -c 'cat < /dev/tty1'

(same args for "ltrace"). Examine LOG to find out which syscall triggers the "permission denied". Maybe it will give you one more keyword to feed to google or useful snippet of log to add to your question here.