Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
Description
The Mesos containerizer mounts devpts with the following options:
newinstance,ptmxmode=0666
Some versions of glibc (e.g. 2.17 from CentOS 7) are hard-coded to expect that terminal devices are owned by the tty group, so this causes containers that allocate TTYs to expect to have to chown the TTY (see grantpt code in glibc).
Docker uses the following devpts default:
Options: []string{"nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620", "gid=5"},
I can think of a number of options
- hard-code the "gid=5" option
- look up the "tty" group from the host
- propagate the devpts mount options from the host
- look up the "tty" group from the container
- make it the operator's problem (i.e. add configuration)