diff --git a/policy/modules/kernel/terminal.if b/policy/modules/kernel/terminal.if
index 6e9f654aca..b55badf9d4 100644
--- a/policy/modules/kernel/terminal.if
+++ b/policy/modules/kernel/terminal.if
@@ -148,6 +148,24 @@ interface(`term_mount_devpts',`
 	allow $1 devpts_t:filesystem mount;
 ')
 
+########################################
+## <summary>
+##	remount a devpts_t filesystem
+## </summary>
+## <param name="domain">
+##	<summary>
+##	The type of the process to remount it
+##	</summary>
+## </param>
+#
+interface(`term_remount_devpts',`
+	gen_require(`
+		type devpts_t;
+	')
+
+	allow $1 devpts_t:filesystem remount;
+')
+
 ########################################
 ## <summary>
 ##	Create directory /dev/pts.
diff --git a/policy/modules/services/container.te b/policy/modules/services/container.te
index 0d50949783..f599670407 100644
--- a/policy/modules/services/container.te
+++ b/policy/modules/services/container.te
@@ -751,6 +751,8 @@ kernel_read_vm_overcommit_sysctl(container_engine_t)
 
 kernel_search_vm_sysctl(container_engine_t)
 
+term_remount_devpts(container_engine_t)
+
 ifdef(`init_systemd',`
 	# needed by runc, which is also invoked by other engines
 	init_run_bpf(container_engine_domain)