Open
Description
The Error
Upon issuing the podman run command I am observing this error in the logs (and trace file):
ORA-27180: failed to create memory protection keyPodman run command used:
podman run -d -p 1521:1521 -e ORACLE_PASSWORD=xxxxxxxxx -v 23ai:/opt/oracle/oradata gvenzl/oracle-free:latestThis includes a separately created podman volume named
23ai.
Background:
I have been experiencing issues with the offical 23:latest image. It would consistently fail and present as unhealthy. I've performed a few full uninstalls/re-installs of podman, as well as podman machine resets (before a full uninstall/install) prior to uninstalling/re-installing.
I've attempted to install podman from the official site, via Homebrew, (both CLI and desktop app). Nothing has worked.1
Logs, Errors, Trace file
MacBook Pro Details:
| Name | Value |
|---|---|
| Specs | 13-inch, 2020 |
| Processor | 2.3 GHz Quad-Core Intel Core i7 |
| Memory | 32 GB 3733 MHz LPDDR4X |
| macOS | 15.4 (24E248) |
Podman details:
👈🏼 Expand for Podman info
Client:
APIVersion: 5.4.2
BuildOrigin: brew
Built: 1743601389
BuiltTime: Wed Apr 2 09:43:09 2025
GitCommit: ""
GoVersion: go1.24.2
Os: darwin
OsArch: darwin/amd64
Version: 5.4.2
host:
arch: amd64
buildahVersion: 1.39.4
cgroupControllers:
- cpu
- io
- memory
- pids
cgroupManager: systemd
cgroupVersion: v2
conmon:
package: conmon-2.1.12-3.fc41.x86_64
path: /usr/bin/conmon
version: 'conmon version 2.1.12, commit: '
cpuUtilization:
idlePercent: 98.7
systemPercent: 0.79
userPercent: 0.51
cpus: 2
databaseBackend: sqlite
distribution:
distribution: fedora
variant: coreos
version: "41"
eventLogger: journald
freeLocks: 2046
hostname: localhost.localdomain
idMappings:
gidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 1000000
uidmap:
- container_id: 0
host_id: 501
size: 1
- container_id: 1
host_id: 100000
size: 1000000
kernel: 6.12.13-200.fc41.x86_64
linkmode: dynamic
logDriver: journald
memFree: 101195776
memTotal: 4092964864
networkBackend: netavark
networkBackendInfo:
backend: netavark
dns:
package: aardvark-dns-1.14.0-1.fc41.x86_64
path: /usr/libexec/podman/aardvark-dns
version: aardvark-dns 1.14.0
package: netavark-1.14.0-1.fc41.x86_64
path: /usr/libexec/podman/netavark
version: netavark 1.14.0
ociRuntime:
name: crun
package: crun-1.20-2.fc41.x86_64
path: /usr/bin/crun
version: |-
crun version 1.20
commit: 9c9a76ac11994701dd666c4f0b869ceffb599a66
rundir: /run/user/501/crun
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL
os: linux
pasta:
executable: /usr/bin/pasta
package: passt-0^20250121.g4f2c8e7-2.fc41.x86_64
version: |
pasta 0^20250121.g4f2c8e7-2.fc41.x86_64
Copyright Red Hat
GNU General Public License, version 2 or later
<https://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
remoteSocket:
exists: true
path: unix:///run/user/501/podman/podman.sock
rootlessNetworkCmd: pasta
security:
apparmorEnabled: false
capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
rootless: true
seccompEnabled: true
seccompProfilePath: /usr/share/containers/seccomp.json
selinuxEnabled: true
serviceIsRemote: true
slirp4netns:
executable: /usr/bin/slirp4netns
package: slirp4netns-1.3.1-1.fc41.x86_64
version: |-
slirp4netns version 1.3.1
commit: e5e368c4f5db6ae75c2fce786e31eef9da6bf236
libslirp: 4.8.0
SLIRP_CONFIG_VERSION_MAX: 5
libseccomp: 2.5.5
swapFree: 0
swapTotal: 0
uptime: 4h 25m 14.00s (Approximately 0.17 days)
variant: ""
plugins:
authorization: null
log:
- k8s-file
- none
- passthrough
- journald
network:
- bridge
- macvlan
- ipvlan
volume:
- local
registries:
search:
- docker.io
store:
configFile: /var/home/core/.config/containers/storage.conf
containerStore:
number: 1
paused: 0
running: 1
stopped: 0
graphDriverName: overlay
graphOptions: {}
graphRoot: /var/home/core/.local/share/containers/storage
graphRootAllocated: 106521055232
graphRootUsed: 19457257472
graphStatus:
Backing Filesystem: xfs
Native Overlay Diff: "true"
Supports d_type: "true"
Supports shifting: "false"
Supports volatile: "true"
Using metacopy: "false"
imageCopyTmpDir: /var/tmp
imageStore:
number: 2
runRoot: /run/user/501/containers
transientStore: false
volumePath: /var/home/core/.local/share/containers/storage/volumes
version:
APIVersion: 5.4.2
BuildOrigin: Fedora Project
Built: 1743552000
BuiltTime: Tue Apr 1 20:00:00 2025
GitCommit: be85287fcf4590961614ee37be65eeb315e5d9ff
GoVersion: go1.23.7
Os: linux
OsArch: linux/amd64
Version: 5.4.2👈🏼 Expand for Podman logs
Starting Oracle Net Listener.
Oracle Net Listener started.
Starting Oracle Database instance FREE.
Oracle Database instance FREE started.
The Oracle base remains unchanged with value /opt/oracle
#####################################
########### E R R O R ###############
DATABASE SETUP WAS NOT SUCCESSFUL!
Please check output for further info!
########### E R R O R ###############
#####################################
The following output is now a tail of the alert.log:
db_name = "FREE"
open_cursors = 300
pga_aggregate_target = 512M
diagnostic_dest = "/opt/oracle"
enable_pluggable_database= TRUE
2025-04-22T23:59:09.346263+00:00
Errors in file /opt/oracle/diag/rdbms/free/FREE/trace/FREE_ora_51.trc:
ORA-27180: failed to create memory protection key
Linux-x86_64 Error: 22: Invalid argument👈🏼 Expand for FREE_ora_51.trc trace file
Trace file /opt/oracle/diag/rdbms/free/FREE/trace/FREE_ora_51.trc
Oracle Database 23ai Free Release 23.0.0.0.0 - Develop, Learn, and Run for Free
Version 23.7.0.25.01
Build label: RDBMS_23.7.0.25.01DBRU_LINUX.X64_250123.FREE
ORACLE_HOME: /opt/oracle/product/23ai/dbhomeFree
System name: Linux
Node name: 095df7b27ed7
Release: 6.12.13-200.fc41.x86_64
Version: #1 SMP PREEMPT_DYNAMIC Sat Feb 8 20:05:26 UTC 2025
Machine: x86_64
Storage: ?
CLID: U
Instance name: FREE
Instance number: 0 <none>
Database name: N/A
Database unique name: N/A
Database id: N/A
Database role: N/A
Redo thread mounted by this instance: 0 <none>
Oracle process number: 0
Unix process pid: 51, NID: 4026532653, image:
*** 2025-04-22T23:59:08.824921+00:00
SGA (id: 1) creation time at startup: 3 ms
sksxp_get_netcaps: no CI IPs
I:2025-04-22 23:59:08.931 : [ GPNP][ GPNP] clsgpnp_Init init failed. Error: CLSGPNP_ERR (1) .
I:2025-04-22 23:59:08.934 : [ CLSINET][ CLSINET] Failed to initialize clsgpnp context grv 1
I:2025-04-22 23:59:08.936 : [ GPNP][ GPNP] clsgpnp_Init init failed. Error: CLSGPNP_ERR (1) .
I:2025-04-22 23:59:08.937 : [ CLSINET][ CLSINET] Failed to initialize clsgpnp context grv 1
sksxp_get_netcaps: no KGGPNP IPs
Lockdown sysfs /sys/kernel/security/lockdown doesn't exist. Set to default KSCXCAPTYPEKERNELSEC_NONE
KSIPC: KSIPC SERVICE ENV 0x0
KSIPC SERVICE MASK MGAON:[INETOFF]:[IPCLWON]:[GRPAM]:[PRON]:[TOPOON]:[DLLON]:[KSGLOFF][RSTFWOFF]:[RDMAPINGON]:[SHREGON]:MEMCBON:[STATSFWON]:[SNOFF]:[DGOFF]:[ORDNFY]:[RDSTCPBSON][SHREGODPON]:[SIGSAFEON]:[THRPOOLON]:[VNICOFF]
KSNMON: Initial Config: enable=0x7fffffff, maxflow=65535, minstsint=5000
KSNMON: Runtime Config: service enabled=0x3ff
kcrlnfy: Enable RFS client [kcrlc.c:609]
kcrfwy: minimum sleep (disk) is 1376 usecs (overhead is 376 usecs)
init table done
Running with 1 strand for Non-Enterprise Edition
Running without dynamic strands for Non-Enterprise Edition
NOTE: Cluster configuration type = NONE [2]
sskgm_mpkey_create failed: 22
kcrfw_mpkey_init: Failed to initialize memory protection key
ORA-27180: failed to create memory protection key
Linux-x86_64 Error: 22: Invalid argument
Additional information: 16723
<error barrier> at 0x7fffae92d1e8 placed kcrfw.c@39499
sskgm_mpkey_set_prot invalid key:0
Protecting shared strand buffer via memory protection key failed
KJHA:2phase 010 opi_error:27103
ksdddnfy(): KSDDD private context array is NULL
👈🏼 Container /bin/bash ENV variables
SETUP_LINUX_FILE=setupLinuxEnv.sh
ORACLE_SID=FREE
BLOBREADER=blobReader.py
ORACLE_BASE=/opt/oracle
CHECK_SPACE_FILE=checkSpace.sh
ORACLE_HOME=/opt/oracle/product/23ai/dbhomeFree
SETUPTC=setup.sh
SSHARD_PY=orasshard.py
INSTALL_FILE_1=oracle-database-free-23ai-1.0-1.el8.x86_64.rpm
ORACLE_PDB=
LOGGER_PY=oralogger.py
MAIN_PY=main.py
container=podman
SCATALOG_PY=orascatalog.py
PYTHON3_FILE=/usr/libexec/platform-python3.6
PWD=/opt/oracle/diag/rdbms/free/FREE/trace
AUTO_MEM_CALCULATION=false
HOME=/home/oracle
CONFIG_TCPS_FILE=configTcps.sh
ORACLE_PWD=
PCATALOG_PY=orapcatalog.py
CREATE_BLOB_SCRIPT=createBlob.sh
PYTHON_FILE=/usr/bin/python
SHARD_PY=orapshard.py
GSM_PY=oragsm.py
COMMON_PY=oracommon.py
CMD_EXEC=cmdExec
ENABLE_ARCHIVELOG=true
CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1
TERM=xterm
CONF_FILE=oracle-free-23ai.conf
REGISTER_TC_SVCS_SCRIPT=registerService.sh
MACHINE_PY=oramachine.py
USER_SCRIPTS_FILE=runUserScripts.sh
RUN_SHARD_FILE=runOraShardSetup.sh
ENV_PY=oraenv.py
FACTORY_PY=orafactory.py
CHECK_DB_FILE=checkDBStatus.sh
DECRYPT_PWD_FILE=decryptPassword.sh
PWD_FILE=setPassword.sh
CREATE_DB_FILE=createDB.sh
SHLVL=1
SHARD_SETUP=false
CREATE_TC_SVCS_SCRIPT=createService.sh
ENABLE_FORCE_LOGGING=true
ORACLE_DOCKER_INSTALL=true
DEMO_APP=demoapp.sql
PATH=/opt/oracle/product/23ai/dbhomeFree/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
RUN_FILE=runOracle.sh
INSTALL_DIR=/install
CHECKPOINT_FILE_EXTN=.created
_=/usr/bin/env
OLDPWD=/opt/oracle/diag/rdbms/free/FREEFYI
@gvenzl has a version that is working! Just pulled and all looks good so far. Thank you to him as well 😀
choina@MacBook-Pro-2 ~ % podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b82c4b9f7480 docker.io/gvenzl/oracle-free:latest 18 minutes ago Up 18 minutes 0.0.0.0:1521->1521/tcp upbeat_darwin
choina@MacBook-Pro-2 ~ % sql sys/Password1234@//localhost:1521/FREEPDB1 as sysdba
SQLcl: Release 24.4 Production on Wed Apr 23 07:56:47 2025
Copyright (c) 1982, 2025, Oracle. All rights reserved.
Connected to:
Oracle Database 23ai Free Release 23.0.0.0.0 - Develop, Learn, and Run for Free
Version 23.7.0.25.01
SQL> Footnotes
-
There is currently a separate bug that prevents Intel Macs from starting a podman machine, but that is another issue. ↩