moby: su in centos returns "could not open session"
I build a hadoop docker based on the centos image in this repo. For security reasons, hadoop make the permisson of hdfs command to user “hdfs” by default. When I tried to run the hdfs commands as user hdfs by su like:
#su hdfs hdfs dfs -mkdir /user
the system refused me of changing user with message “could not open session”.
The interesting phenomenon is that when I created a user by useradd ambling && su ambling, there was no error at all and I successfully changed to ambling.
After some search, I edited the file ** /etc/pam.d/su ** and changed the session part of “include” to optional, then I can use su to change to hdfs.
I don’t know the exact reason for this error or whether there may be some side effect to my solution. I guess that the cause may be some misses of necessary part in the centos kernel in the process of building the official centos base image.
About this issue
- Original URL
- State: closed
- Created 10 years ago
- Comments: 25 (4 by maintainers)
Commits related to this issue
- resolve the problem of su in centos according to https://github.com/dotcloud/docker/issues/7056 — committed to ambling/hadoop-docker by ambling 10 years ago
- FIX Password:, according to https://github.com/docker/docker/issues/7056 — committed to Habam/docker-hadoop-cdh-pseudo-dev by Habam 9 years ago
- FIX: ~ su in centos returns could not open session ~, according to https://github.com/docker/docker/issues/7056 — committed to Habam/docker-hadoop-cdh-pseudo-dev by Habam 9 years ago
- FIX: ~ su in centos returns could not open session ~, according to https://github.com/docker/docker/issues/7056 — committed to Habam/docker-hadoop-cdh-pseudo-dev by Habam 9 years ago
- Remove limits configuration before running hdfs user Limits might be changed only when running container in priviliged mode. Otherwise all the attempts to login as a user with changed limits will fai... — committed to Teradata/docker-images by deleted user 8 years ago
- Remove limits configuration before running hdfs user Limits might be changed only when running container in priviliged mode. Otherwise all the attempts to login as a user with changed limits will fai... — committed to Teradata/docker-images by deleted user 8 years ago
spira:hadoop jperrin$ docker run -t -i -h hadooptest --name hadooptest hadoop-test:base bash-4.1# su - hdfs could not open session bash-4.1# exit
so, this fails, however ->
spira:hadoop jperrin$ docker run --privileged=true -t -i -h hadooptest --name hadoopfoo hadoop-test:base bash-4.1# su - hdfs -bash-4.1$
that works fine.
spira:hadoop jperrin$ boot2docker version Client version: v1.1.1 Git commit: 8dd1935