ishida330
Reputation: 158
IBM Container - su :cannot create child process: Resource temporarily unavailable
I'm trying to "su" in the container deployed in IBM Containers/Bluemix. But it fails like this.
root@ubuntu142:/tmp# cf ic exec -it mysshd bash
[root@instance-001652d1 /]# adduser ubuntu
[root@instance-001652d1 /]# su - ubuntu
su: cannot create child process: Resource temporarily unavailable
This works fine in my local docker environment. I also tried to "su" in the startup script( user is already defined ), but it also failed with the same message( from the log ). ( Actually, I'm trying to deploy DB2-Express-C using "su db2inst1".. ) Is there any restriction that "su" is prohibited in IBM container?
Thanks in advance.
Upvotes: 1
Views: 1800
Answers (1)
Alex da Silva
Reputation: 4590
I've seen this problem in Centos 7 container instances only (it works fine for Ubuntu).
Here is the solution to fix it:
$ cf ic exec -it ads-centos bash
[root@instance-00173f1f /]# adduser ubuntu
[root@instance-00173f1f /]# su - ubuntu
su: cannot create child process: Resource temporarily unavailable
[root@instance-00173f1f /]# cd etc
[root@instance-00173f1f etc]# cd pam.d
[root@instance-00173f1f pam.d]# vi su
** change all session variables to 'optional' and save changes **
** see how file should be below **
[root@instance-00173f1f pam.d]# su - ubuntu
[ubuntu@instance-00173f1f ~]$ id
uid=1000(ubuntu) gid=1000(ubuntu) groups=1000(ubuntu)
[ubuntu@instance-00173f1f ~]$
Here is how the su file should be
#%PAM-1.0
auth sufficient pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth required pam_wheel.so use_uid
auth substack system-auth
auth include postlogin
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session optional system-auth
session optional postlogin
session optional pam_xauth.so
Upvotes: 10
Related Questions
- AWS ECS Error when running task: No Container Instances were found in your cluster
- Docker error cannot delete docker container, conflict: unable to remove repository reference
- .NET 6 Docker container running on CentOS host throws a "Resource temporarily unavailable" when trying to connect to a dockerized postgres container
- OCI runtime exec failed: exec failed: container_linux.go:349: starting container process caused "exec:
- IBM Container , "Connection refused" when SSH to the public IP
- How can I deploy my war file to IBM MFP container in Bluemix and also need to know the charges
- Deploying spark-jobserver to BlueMix Spark Node
- Bluemix: service bound to container does not appear in VCAP_SERVICES