Symptoms
When trying to use su to a user via
su -l cpuser -s /bin/bash
and you see the following error:
su: cannot open session: Cannot make/remove an entry for the specified session
Description
In a ticket, we found that the issue was being caused by ownership incorrectly set on /home/cpuser/.cagefs/var/cpanel/php which subsequently also caused issues for PHP on that cPanel account.
for example
# ls -ald ./var/cpanel/php
drwx------ 3 shutdown cpuser 22 May 9 12:36 ./var/cpanel/php
#
You can use find to locate files and folders that are not properly owned with
cd /home/cpuser/.cagefs/
find . ! -user cpuser
Workaround
Make sure the files and folders in the user's cagefs have the correct user and group. Caution should be with socket files in .cagefs/tmp as these will remain user root and group nobody.
In this case the owner was corrected on that folder by running
chown cpuser /home/cpuser/.cagefs/var/cpanel/php