Oct 11 11:56:11 hypatia-0 su: pam_unix(su:session): session closed for user zeppelin
Oct 11 11:56:11 hypatia-0 systemd-logind: Removed session c1695.
To debug this I wrote my own java code to authenticate to PAM using the code from Shimo tutorial (https://shiro.apache.org/tutorial.html), and that one worked. I believe therefore that something in the current Zeppelin version has screwed the interface to PAM.
Can you get a look on it and check if there is something to do?