Discussion:
Issue with su: could not open session
Jérôme Petazzoni
2014-01-28 22:07:50 UTC
Permalink
Hi Rich,

(I'm moving the conversation to docker-user because I think it will be more
appropriate there!)

Can you provide a Dockerfile that reproduces the issue?
Otherwise, I would suggest to:
- investigate with strace to see what's happening on a low level;
- try with sudo instead of su.

Cheers,
I have a centos base, and I have added several users. When I attempt to
"su - user", I get "could not open session".
After searching online, it appears it may be an issue with CentOS where
nofile should not be set to unlimited, but I can't seem to modify this
value (after attempting to edit /etc/security/limits.conf and
/etc/security/limits.d/).
I need to run a process as a user other than root, but I am not sure how
to accomplish this without "su" working properly. Has anyone else run into
this issue before?
Thanks!
Rich
--
You received this message because you are subscribed to the Google Groups
"docker-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an
For more options, visit https://groups.google.com/groups/opt_out.
--
@jpetazzo <https://twitter.com/jpetazzo>
Latest blog post: http://jpetazzo.github.io/2013/12/07/pxe-netboot-docker/
--
You received this message because you are subscribed to the Google Groups "docker-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to docker-dev+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/***@public.gmane.org
For more options, visit https://groups.google.com/groups/opt_out.
Jason Stoops
2014-03-06 01:00:58 UTC
Permalink
Hi Rich,

Depending on your OS, you might try changing the nproc ulimit in
/etc/security/limits.d/90-nproc.conf to something lower. Try 65535 instead
of unlimited.

I ran into this issue consistently due to a su'ed command that was part of
an RPM I was installing via a Dockerfile. Any attempt to su via a normal
shell or even explicitly in a Dockerfile RUN command worked fine. Very odd.
Changing the nproc ulimit eliminated the "Could not open session" error
from the su command.

Jason
Post by Jérôme Petazzoni
Hi Rich,
(I'm moving the conversation to docker-user because I think it will be
more appropriate there!)
Can you provide a Dockerfile that reproduces the issue?
- investigate with strace to see what's happening on a low level;
- try with sudo instead of su.
Cheers,
I have a centos base, and I have added several users. When I attempt to
"su - user", I get "could not open session".
After searching online, it appears it may be an issue with CentOS where
nofile should not be set to unlimited, but I can't seem to modify this
value (after attempting to edit /etc/security/limits.conf and
/etc/security/limits.d/).
I need to run a process as a user other than root, but I am not sure how
to accomplish this without "su" working properly. Has anyone else run into
this issue before?
Thanks!
Rich
--
You received this message because you are subscribed to the Google Groups
"docker-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an
For more options, visit https://groups.google.com/groups/opt_out.
--
@jpetazzo <https://twitter.com/jpetazzo>
Latest blog post: http://jpetazzo.github.io/2013/12/07/pxe-netboot-docker/
Rich Raposa
2014-03-11 02:40:50 UTC
Permalink
Hi Jerome,

Thank you for the answer! That seemed to fix the problem. I modified 90-nproc.conf
in /etc/security/limits.d (actually, I just deleted the file) and I can now
switch users with "su".

Thanks,
Rich
Post by Jérôme Petazzoni
Hi Rich,
(I'm moving the conversation to docker-user because I think it will be
more appropriate there!)
Can you provide a Dockerfile that reproduces the issue?
- investigate with strace to see what's happening on a low level;
- try with sudo instead of su.
Cheers,
I have a centos base, and I have added several users. When I attempt to
"su - user", I get "could not open session".
After searching online, it appears it may be an issue with CentOS where
nofile should not be set to unlimited, but I can't seem to modify this
value (after attempting to edit /etc/security/limits.conf and
/etc/security/limits.d/).
I need to run a process as a user other than root, but I am not sure how
to accomplish this without "su" working properly. Has anyone else run into
this issue before?
Thanks!
Rich
--
You received this message because you are subscribed to the Google Groups
"docker-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an
For more options, visit https://groups.google.com/groups/opt_out.
--
@jpetazzo <https://twitter.com/jpetazzo>
Latest blog post: http://jpetazzo.github.io/2013/12/07/pxe-netboot-docker/
Loading...