|Pivotal Greenplum (GPDB)||4.3.x|
|OS||RHEL 6.x, DCA v1, DCA v2, DCA v3|
Attempting to su (connect as a different user) on a server via an OS user (not root), results in the error "could not open session" , "incorrect password", or "su: cannot set groups: Operation not permitted".
[gpadmin@mdw ~]$ su - Password: "su: cannot set groups: Operation not permitted" [gpadmin@mdw ~]$ su - gpadmin Password: could not open session [gpadmin@mdw ~]$ su - root Password: su: incorrect password
The same issue is not visible when the su is run via the root user.
The issue noted above is caused due to the alteration of the permission of su executable from its default permission (rwsr-xr-x).
The server where the su is erroring out has the permission set as follows.
[[root@mdw ~]# ls -ltr /bin/su -rwsrwxrwx 1 root root 28336 Mar 14 2012 /bin/su [root@mdw ~]#
Set the correct permission for the su executable, using the following command:
chmod u+s /bin/su
This ensures that su is executed with the special privileges that are inherited from the program owner (which is root) and retry the command with any OS users other than root.