The Problem
In some situations, a normal user within a Docker container cannot run ‘su’ command to switch user. When ‘su’ command is issued, the following error returns.
$ su - Password: [entering correct password] su: Authentication failure
The Solution
The sticky permission may be missing in /usr/bin/su within the container. With root privilege, you may fix as follows:
1. First check the current permissions for the /usr/bin/su binary file.
# ls -l /usr/bin/su -rwxr-xr-x 1 root root 32208 Mar 14 01:39 /usr/bin/su
As we can see in the output above, the sticky bit permissions are missing.
2. Add the sticky bit permissions the the /usr/bin/su file as follows:
# chmod u+s /usr/bin/su
3. Verify the permissions again and check for “x” flag at the end of permission field.
# ls -l /usr/bin/su
-rwsr-xr-x 1 root root 32208 Mar 14 01:39 /usr/bin/su
4. Try doing su again inside docker container.
$ su - postgres Password: Last login: Tue Aug 6 12:13:57 JST 2019 on pts/1 postgres@[hostname] $