su - oracle permission denied

[omarsawalhah]

After SSHed to the container, I tried to "su" to oracle user, I got the following

su: cannot open session: Permission denied

[Dani3lSun]

Hi @omarsawalhah
this problem is due to missing rights inside of the docker container. Per default a docker container runs with unprivileged rights...
You have multiple possibilities now.

1) Connect directly as oracle using SSH

ssh oracle@localhost -p 2222

2) Using gosu instead of su
Thus the build is bundled with gusu you can use it like:

gosu oracle bash

gosu is required because only containers can run in privileged mode, during build there is no privileged mode so I bundled gosu with this image...

3) Run container with privileged rights
By default, Docker containers are “unprivileged” and cannot, for example, run a Docker daemon inside a Docker container. This is because by default a container is not allowed to access any devices, but a “privileged” container is given access to all devices
So the docker run command would be like:

docker run -d --name <your-docker-container-name> -p <local-ssh-port>:22 -p <local-http-port>:8080 -p <local-db-listener-port>:1521 -v /dev/shm --tmpfs /dev/shm:rw,nosuid,nodev,exec,size=2g --privileged <your-docker-image-name>

4) Run container with more Linux capabilities
This is like --privileged but more selective, you give only higher rights to chosen capabilities instead of running the whole container in privileged mode. If you choose solution 3 or 4 I would go for this solution because it´s more secure to only allow certain capabilities instead of all.
So the docker run command would be like:

docker run -d --name <your-docker-container-name> -p <local-ssh-port>:22 -p <local-http-port>:8080 -p <local-db-listener-port>:1521 -v /dev/shm --tmpfs /dev/shm:rw,nosuid,nodev,exec,size=2g --cap-add SYS_RESOURCE <your-docker-image-name>

I will add this notes to the readme, so other people know how to configure it...