Bug 827 - 'su' not working properly
Summary: 'su' not working properly
Status: RESOLVED BYDESIGN
Alias: None
Product: Anolis OS 23
Classification: Anolis OS
Component: BaseOS Packages (show other bugs) BaseOS Packages
Version: 23.0
Hardware: All Linux
: P3-Medium S3-normal
Target Milestone: ---
Assignee: gaochang
QA Contact: xuchunmei
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2022-04-11 18:19 UTC by su-lifan
Modified: 2023-05-04 14:48 UTC (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description su-lifan alibaba_cloud_group 2022-04-11 18:19:50 UTC 
Description of problem:
'su' can not be used inside anolis-23 container or chroot

Version-Release number of selected component (if applicable):
util-linux-2.38~rc4-2.an23.aarch64

How reproducible:

Steps to Reproduce:
1. create a chroot or docker container of anolis-23, execute:
2. $ useradd foo
3. $ su foo

Actual results:
reports:
su: cannot open session: Permission denied

Expected results:
switch to user foo

Additional info:
Comment 1 xuchunmei alibaba_cloud_group 2022-08-22 16:18:34 UTC 
docker容器中创建用户报错如下:
# useradd test
Failed opening /etc/nsswitch.conf: No such file or directory

报错原因是/etc/nsswitch.conf文件不存在,在Anolis OS 23中,/etc/nsswitch.conf文件需要由authselect规则来提供,通过authselect设置规则后,会创建/etc/nsswitch.conf,该文件为软链接:
# ls -al /etc/nsswitch.conf
lrwxrwxrwx 1 root root 29 Aug 22 08:10 /etc/nsswitch.conf -> /etc/authselect/nsswitch.conf

docker容器中需要做好authselect默认策略,当前docker容器是最小安装,可以设置为minimal策略。
Comment 2 happy_orange alibaba_cloud_group 2023-05-04 14:48:06 UTC 
by design