[erlang-questions] Could not open pty master
Iván Martínez
ivan.martinez@REDACTED
Sun Sep 28 19:27:39 CEST 2014
$ ls -l
crw--w---- 1 ivan tty 136, 0 Sep 28 17:23 0
c--------- 1 root root 5, 2 Sep 24 15:43 ptmx
I'm running run_erl as user ivan. Running it as root works, yes.
Thank you,
Ivan
2014-09-27 15:24 GMT+02:00 Aidan Hobson Sayers <aidanhs@REDACTED>:
> chown("/dev/pts/1", 998, 5) = -1 EPERM (Operation not
> permitted)
>
> What does ls -l in /dev/pts/ say about the owner of the files in
> /dev/pts/? And what user are you running as (and, by extension, does
> running as root work)?
>
> On 27 September 2014 10:27, Iván Martínez <ivan.martinez@REDACTED>
> wrote:
>
>> Thank you Antoine. I'm a developer rather than a systems administrator, I
>> didn't know strace existed. I have tried it but I don't know what to make
>> from the output:
>>
>> $ strace run_erl priv/ log "erl"
>> execve("/usr/local/bin/run_erl", ["run_erl", "priv/", "log", "erl"], [/*
>> 23 vars */]) = 0
>> brk(0) = 0x60c000
>> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
>> = 0x7f794a62f000
>> access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or
>> directory)
>> open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
>> fstat(3, {st_mode=S_IFREG|0644, st_size=32636, ...}) = 0
>> mmap(NULL, 32636, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f794a627000
>> close(3) = 0
>> open("/lib64/libutil.so.1", O_RDONLY|O_CLOEXEC) = 3
>> read(3,
>> "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\17\0\0\0\0\0\0"..., 832)
>> = 832
>> fstat(3, {st_mode=S_IFREG|0755, st_size=14608, ...}) = 0
>> mmap(NULL, 2105616, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
>> = 0x7f794a20d000
>> mprotect(0x7f794a20f000, 2093056, PROT_NONE) = 0
>> mmap(0x7f794a40e000, 8192, PROT_READ|PROT_WRITE,
>> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7f794a40e000
>> close(3) = 0
>> open("/lib64/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
>> read(3,
>> "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\16\0\0\0\0\0\0"...,
>> 832) = 832
>> fstat(3, {st_mode=S_IFREG|0755, st_size=19512, ...}) = 0
>> mmap(NULL, 2109744, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
>> = 0x7f794a009000
>> mprotect(0x7f794a00c000, 2093056, PROT_NONE) = 0
>> mmap(0x7f794a20b000, 8192, PROT_READ|PROT_WRITE,
>> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f794a20b000
>> close(3) = 0
>> open("/lib64/libm.so.6", O_RDONLY|O_CLOEXEC) = 3
>> read(3,
>> "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260T\0\0\0\0\0\0"..., 832)
>> = 832
>> fstat(3, {st_mode=S_IFREG|0755, st_size=1141552, ...}) = 0
>> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
>> = 0x7f794a626000
>> mmap(NULL, 3150168, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
>> = 0x7f7949d07000
>> mprotect(0x7f7949e08000, 2093056, PROT_NONE) = 0
>> mmap(0x7f794a007000, 8192, PROT_READ|PROT_WRITE,
>> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x100000) = 0x7f794a007000
>> close(3) = 0
>> open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
>> read(3,
>> "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\34\2\0\0\0\0\0"..., 832)
>> = 832
>> fstat(3, {st_mode=S_IFREG|0755, st_size=2107600, ...}) = 0
>> mmap(NULL, 3932736, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
>> = 0x7f7949946000
>> mprotect(0x7f7949afc000, 2097152, PROT_NONE) = 0
>> mmap(0x7f7949cfc000, 24576, PROT_READ|PROT_WRITE,
>> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b6000) = 0x7f7949cfc000
>> mmap(0x7f7949d02000, 16960, PROT_READ|PROT_WRITE,
>> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f7949d02000
>> close(3) = 0
>> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
>> = 0x7f794a625000
>> mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
>> = 0x7f794a623000
>> arch_prctl(ARCH_SET_FS, 0x7f794a623740) = 0
>> mprotect(0x7f7949cfc000, 16384, PROT_READ) = 0
>> mprotect(0x7f794a007000, 4096, PROT_READ) = 0
>> mprotect(0x7f794a20b000, 4096, PROT_READ) = 0
>> mprotect(0x7f794a40e000, 4096, PROT_READ) = 0
>> mprotect(0x604000, 4096, PROT_READ) = 0
>> mprotect(0x7f794a630000, 4096, PROT_READ) = 0
>> munmap(0x7f794a627000, 32636) = 0
>> brk(0) = 0x60c000
>> brk(0x62f000) = 0x62f000
>> brk(0) = 0x62f000
>> openat(AT_FDCWD, "priv/", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 3
>> getdents(3, /* 6 entries */, 32768) = 200
>> getdents(3, /* 0 entries */, 32768) = 0
>> close(3) = 0
>> mknod("priv/erlang.pipe.2.r", S_IFIFO|0666) = 0
>> open("priv/erlang.pipe.2.w", O_WRONLY|O_NONBLOCK) = -1 ENOENT (No such
>> file or directory)
>> mknod("priv/erlang.pipe.2.w", S_IFIFO|0666) = 0
>> open("/dev/ptmx", O_RDWR) = 3
>> statfs("/dev/pts", {f_type="DEVPTS_SUPER_MAGIC", f_bsize=4096,
>> f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0},
>> f_namelen=255, f_frsize=4096}) = 0
>> ioctl(3, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS,
>> {B38400 opost isig icanon echo ...}) = 0
>> ioctl(3, TIOCGPTN, [1]) = 0
>> stat("/dev/pts/1", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 1), ...})
>> = 0
>> ioctl(3, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS,
>> {B38400 opost isig icanon echo ...}) = 0
>> ioctl(3, TIOCGPTN, [1]) = 0
>> stat("/dev/pts/1", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 1), ...})
>> = 0
>> getuid() = 998
>> socket(PF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
>> connect(4, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) =
>> -1 ENOENT (No such file or directory)
>> close(4) = 0
>> socket(PF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
>> connect(4, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) =
>> -1 ENOENT (No such file or directory)
>> close(4) = 0
>> open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 4
>> fstat(4, {st_mode=S_IFREG|0644, st_size=1728, ...}) = 0
>> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
>> = 0x7f794a62e000
>> read(4, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1728
>> read(4, "", 4096) = 0
>> close(4) = 0
>> munmap(0x7f794a62e000, 4096) = 0
>> open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4
>> fstat(4, {st_mode=S_IFREG|0644, st_size=32636, ...}) = 0
>> mmap(NULL, 32636, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7f794a627000
>> close(4) = 0
>> open("/lib64/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 4
>> read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@\"\0\0\0\0\0\0"...,
>> 832) = 832
>> fstat(4, {st_mode=S_IFREG|0755, st_size=58288, ...}) = 0
>> mmap(NULL, 2144360, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0)
>> = 0x7f794973a000
>> mprotect(0x7f7949745000, 2093056, PROT_NONE) = 0
>> mmap(0x7f7949944000, 8192, PROT_READ|PROT_WRITE,
>> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0xa000) = 0x7f7949944000
>> close(4) = 0
>> mprotect(0x7f7949944000, 4096, PROT_READ) = 0
>> munmap(0x7f794a627000, 32636) = 0
>> open("/etc/group", O_RDONLY|O_CLOEXEC) = 4
>> fstat(4, {st_mode=S_IFREG|0644, st_size=591, ...}) = 0
>> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
>> = 0x7f794a62e000
>> read(4, "root:x:0:\nbin:x:1:\ndaemon:x:2:\ns"..., 4096) = 591
>> close(4) = 0
>> munmap(0x7f794a62e000, 4096) = 0
>> chown("/dev/pts/1", 998, 5) = -1 EPERM (Operation not
>> permitted)
>> close(3) = 0
>> open("/dev/ptmx", O_RDWR) = 3
>> ioctl(3, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS,
>> {B38400 opost isig icanon echo ...}) = 0
>> ioctl(3, TIOCGPTN, [1]) = 0
>> stat("/dev/pts/1", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 1), ...})
>> = 0
>> getuid() = 998
>> chown("/dev/pts/1", 998, 5) = -1 EPERM (Operation not
>> permitted)
>> close(3) = 0
>> open("/etc/localtime", O_RDONLY|O_CLOEXEC) = 3
>> fstat(3, {st_mode=S_IFREG|0644, st_size=118, ...}) = 0
>> fstat(3, {st_mode=S_IFREG|0644, st_size=118, ...}) = 0
>> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
>> = 0x7f794a62e000
>> read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1\0\0\0\1\0\0\0\0"...,
>> 4096) = 118
>> lseek(3, -62, SEEK_CUR) = 56
>> read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1\0\0\0\1\0\0\0\0"...,
>> 4096) = 62
>> close(3) = 0
>> munmap(0x7f794a62e000, 4096) = 0
>> getpid() = 5161
>> write(2, "run_erl:187 [5161] Sat Sep 27 09"..., 44run_erl:187 [5161] Sat
>> Sep 27 09:19:59 2014
>> ) = 44
>> write(2, "errno=1 'Operation not permitted"..., 60errno=1 'Operation not
>> permitted'
>> Could not open pty master
>> ) = 60
>> exit_group(1) = ?
>> +++ exited with 1 +++
>>
>> 2014-09-26 22:39 GMT+02:00 Antoine Koener <antoine.koener@REDACTED>:
>>
>>> Hello, why do you not just run strace to see ?
>>>
>>> On 26 Sep 2014, at 18:12, Iván Martínez <ivan.martinez@REDACTED>
>>> wrote:
>>>
>>> I have done chmod 777 to /dev, /dev/pty*, /dev/pts and /dev/pts/* and it
>>> didn't help. Must be something different from file access permits. Anybody
>>> has a clue of what run_erl does and requires?.
>>> Thank you,
>>> Ivan
>>>
>>> 2014-09-25 10:41 GMT+02:00 Iván Martínez <ivan.martinez@REDACTED>:
>>>
>>>> Thank you. Looks like SELinux has nothing to do with the issue:
>>>>
>>>> $ setenforce 0
>>>> setenforce: SELinux is disabled
>>>>
>>>>
>>>> 2014-09-25 3:21 GMT+02:00 zxq9 <zxq9@REDACTED>:
>>>>
>>>>> On Wednesday 24 September 2014 21:00:32 Iván Martínez wrote:
>>>>> > Hello all,
>>>>> > Does anyone know why I'm having the following issue with a CentOS 7
>>>>> system
>>>>> > with kernel 3.10.23?:
>>>>> >
>>>>> > $ run_erl priv/ log "erl"
>>>>> > run_erl:187 [6505] Wed Sep 24 18:42:39 2014
>>>>> > errno=1 'Operation not permitted'
>>>>> > Could not open pty master
>>>>> >
>>>>> > It works as super user. It also works in a Fedora 20 system with
>>>>> kernel
>>>>> > 3.16. I couldn't find any difference in user groups or /dev file
>>>>> permits
>>>>> > between both systems. Starting with a user with UID above or below
>>>>> UID_MIN
>>>>> > doesn't make any difference. I don't think it matters, but the only
>>>>> > difference I could find is that the CentOS has many /dev/pty* files
>>>>> already
>>>>> > created, while the Fedora doesn't have any.
>>>>>
>>>>> You might be running into SELinux permission issues. To find out try
>>>>> doing
>>>>> "setenforce 0" and then running it again. If that works, use a tool
>>>>> like
>>>>> audit2allow or audit2why to create a policy that will permit the
>>>>> actions you
>>>>> require to run your program. I haven't kept up with the Fedora/RHEL
>>>>> world
>>>>> since 7 came out, but Dan Walsh's blog and Red Hat's SELinux docs have
>>>>> been
>>>>> good resources on this in the past.
>>>>>
>>>>> Of course, you might have a totally different issue, but SELinux
>>>>> booleans and
>>>>> audit logs are the first thing I check on a Fedora-type distro when
>>>>> something
>>>>> doesn't work but looks like it should.
>>>>> _______________________________________________
>>>>> erlang-questions mailing list
>>>>> erlang-questions@REDACTED
>>>>> http://erlang.org/mailman/listinfo/erlang-questions
>>>>>
>>>>
>>>>
>>> _______________________________________________
>>> erlang-questions mailing list
>>> erlang-questions@REDACTED
>>> http://erlang.org/mailman/listinfo/erlang-questions
>>>
>>>
>>
>> _______________________________________________
>> erlang-questions mailing list
>> erlang-questions@REDACTED
>> http://erlang.org/mailman/listinfo/erlang-questions
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20140928/c221c8f9/attachment.htm>
More information about the erlang-questions
mailing list