NFR Conjur enterprise appliance - Set up

Hello - I am trying to install the Conjur-Enterprise software that we received from Cyberark. This is a NFR appliance. As soon as i run the docker image, the container remains in restarting status and never starts. Checking the container logs - we are getting the below error.

keyctl_join_session_keyring: Operation not permitted
keyctl_join_session_keyring: Operation not permitted
keyctl_join_session_keyring: Operation not permitted
keyctl_join_session_keyring: Operation not permitted

Is this related to licensing ? If so how does some apply license to the conjur instance. I dont see a documentation explaining around that area. Thanks in Advance.

Hi, are you deploying your image with a seccomp profile?
If yes, please make sure you add keyctl, add_key and request_key to the calls, or just add seccomp:unconfined to your docker/podman run.

More information and a seccomp profile at this page:
Conjur Docker seccomp profile

Hello Andrea - Thanks for the tip. No i did not use a seccomp file while deploying, i completely removed the seccomp option while deploying.

I was able to bypass this with --privileged switch, however i will test this with “seccomp:unconfined” when running the docker image.

Your response is much appreciated - Thanks.