Pivotal Knowledge Base


Connecting to a user (via su) results in errors such as "could not open session", "incorrect password", or "su: cannot set groups: Operation not permitted"


Product Version
Pivotal Greenplum (GPDB) 4.3.x
OS RHEL 6.x, DCA v1, DCA v2, DCA v3


Attempting to su (connect as a different user) on a server via an OS user (not root), results in the error "could not open session" , "incorrect password", or "su: cannot set groups: Operation not permitted".

[gpadmin@mdw ~]$ su - 
"su: cannot set groups: Operation not permitted"
[gpadmin@mdw ~]$ su - gpadmin
could not open session
[gpadmin@mdw ~]$ su - root
su: incorrect password

The same issue is not visible when the su is run via the root user.


The issue noted above is caused due to the alteration of the permission of su executable from its default permission (rwsr-xr-x).

The server where the su is erroring out has the permission set as follows.

[[root@mdw ~]# ls -ltr /bin/su
-rwsrwxrwx 1 root root 28336 Mar 14  2012 /bin/su
[root@mdw ~]#


Set the correct permission for the su executable, using the following command:

chmod u+s /bin/su

This ensures that su is executed with the special privileges that are inherited from the program owner (which is root) and retry the command with any OS users other than root.



Powered by Zendesk