3

I have an LXC container with CentOS 7.4 running.
When running expect as a normal user, I get the error below.

user@server ~>  expect -c "spawn ls"
spawn ls
The system has no more ptys.  Ask your system administrator to create more.
    while executing
"spawn ls"


But if we execute the same as the root user, it works.

[root@server]#  expect -c "spawn ls"
spawn ls

The output of mount also has this mount point:

devpts on /dev/pts type devpts (rw,relatime,seclabel,mode=620,ptmxmode=000)

I have run the updates below on the server.

mknod -m 600 /dev/console c 5 1 2>/dev/null
mknod -m 666 /dev/null c 1 3 2>/dev/null
mount -n -t tmpfs none /dev 2>/dev/null
mknod -m 622 /dev/console c 5 1 2>/dev/null
mknod -m 666 /dev/null c 1 3 2>/dev/null
mknod -m 666 /dev/zero c 1 5 2>/dev/null
mknod -m 666 /dev/ptmx c 5 2 2>/dev/null
mknod -m 666 /dev/tty c 5 0 2>/dev/null
mknod -m 444 /dev/random c 1 8 2>/dev/null
mknod -m 444 /dev/urandom c 1 9 2>/dev/null
chown root:tty /dev/{console,ptmx,tty} 2>/dev/null
ln -s /proc/self/fd /dev/fd 2>/dev/null
ln -s /proc/self/fd/0 /dev/stdin 2>/dev/null
ln -s /proc/self/fd/1 /dev/stdout 2>/dev/null
ln -s /proc/self/fd/2 /dev/stderr 2>/dev/null
ln -s /proc/kcore /dev/core 2>/dev/null
mkdir /dev/pts 2>/dev/null
mkdir /dev/shm 2>/dev/null
mount -t devpts -o gid=4,mode=620 none /dev/pts 2>/dev/null
mount -t tmpfs none /dev/shm 2>/dev/null
chmod 666 /dev/null

But I am still not able to run the expect command as a normal user.
I have some scripts which need to be run as a normal user with expect statements.

I have tried everything I can think of. Please help!

nirmalraj17

2 Answers

3

After quite a bit of searching, I found that I needed to create the /dev/ptmx and /dev/pts structures inside the chroot.

 #!/bin/sh
 mknod /dev/ptmx c 5 2
 chmod 666 /dev/ptmx
 mkdir /dev/pts
 chmod 755 /dev/pts
 mount -t devpts -o gid=5,mode=620 none /dev/pts

Thanks to the website https://mintcast.org/building-linux/; I have quoted the script and the details from that site.

After executing the script, I was able to execute the command

[user@server]#  expect -c "spawn ls"
spawn ls

nirmalraj17
  • Sometimes you need to recompile your current Kernel... Just make sure you have `CONFIG_UNIX98_PTYS=y` and `CONFIG_DEVPTS_FS=y` in your Kernel `.config` file. – Yousha Aleayoub Jul 09 '22 at 12:56
0

Not related to the chroot environment, but for anyone else coming across this problem, check in /var/log/audit/audit.log that SELinux isn't blocking access. I was having this problem even though the program was being run by root, and found this:

type=AVC msg=audit(1560463619.636:16181): avc:  denied  { read write } for  pid=32466
comm="myscript.exp" name="ptmx" dev="devtmpfs" ino=1149 scontext=system_u:system_r:fail2ban_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file permissive=0

Using audit2allow I was able to generate a policy to allow my script to work.

miken32
  • May be true, but the issue was seen in containers created from LXC virtualization. For automation purposes, I have used the "expect" command, so it needs to run as a regular user. For the root user it was working fine. I have used normal commands only, not any scripts. – nirmalraj17 Jun 18 '19 at 05:54
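
An added example, not part of either answer: shell helpers that pull out the two pieces of evidence discussed above, the ptmxmode option on the devpts mount line from the question and ptmx AVC denials in audit.log as in the second answer. The function names are hypothetical; the sample inputs reuse the values quoted on this page, plus one constructed unrelated record.

```shell
#!/bin/sh
# Added example: triage helpers for "The system has no more ptys".
# Function names are hypothetical, not from the page.

# Print the ptmxmode option from a devpts line of `mount` output.
# ptmxmode is the mode of the /dev/pts/ptmx node inside that mount.
devpts_ptmxmode() {
    printf '%s\n' "$1" |
        sed -n 's/.* type devpts (.*ptmxmode=\([0-7]*\).*/\1/p'
}

# Succeed if the mode grants read+write to "other" (last digit 6 or 7).
# Root normally bypasses these bits, so a failure only hits normal users.
ptmxmode_world_rw() {
    case "$1" in
        *[67]) return 0 ;;
        *)     return 1 ;;
    esac
}

# Read audit.log records on stdin. For each AVC denial on a character
# device named "ptmx", print: comm, source context, denied permissions.
ptmx_denials() {
    awk '/type=AVC/ && /denied/ && /name="ptmx"/ && /tclass=chr_file/ {
        comm = ""; sctx = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^comm=/)     { comm = $i; gsub(/^comm=|"/, "", comm) }
            if ($i ~ /^scontext=/) { sctx = substr($i, 10) }
        }
        perms = $0
        sub(/^.*denied +[{] */, "", perms)
        sub(/ *[}].*$/, "", perms)
        print comm, sctx, perms
    }'
}

# Sample input: the mount line and AVC record quoted on this page (the
# record joined onto one line), plus one constructed unrelated denial.
SAMPLE_MOUNT='devpts on /dev/pts type devpts (rw,relatime,seclabel,mode=620,ptmxmode=000)'
SAMPLE_AUDIT='type=AVC msg=audit(1560463619.636:16181): avc:  denied  { read write } for  pid=32466 comm="myscript.exp" name="ptmx" dev="devtmpfs" ino=1149 scontext=system_u:system_r:fail2ban_t:s0 tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file permissive=0
type=AVC msg=audit(1560463620.001:16182): avc:  denied  { read } for  pid=32467 comm="other" name="example.conf" dev="dm-0" ino=42 scontext=system_u:system_r:fail2ban_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0'

mode=$(devpts_ptmxmode "$SAMPLE_MOUNT")
if ptmxmode_world_rw "$mode"; then
    echo "ptmxmode=$mode: /dev/pts/ptmx is open to normal users"
else
    echo "ptmxmode=$mode: /dev/pts/ptmx is not read/write for normal users"
fi
printf '%s\n' "$SAMPLE_AUDIT" | ptmx_denials
```

On a live host, pass the devpts line from `mount` as the argument to `devpts_ptmxmode` and feed `/var/log/audit/audit.log` to `ptmx_denials` on stdin. Seeing which source context is denied before generating a policy with audit2allow keeps the resulting rule scoped to the domain that actually needs the pty.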