Same docker image works in Docker for Windows but not in docker on linux

What I want to achieve
I want to connect to an oracle database within an oracle container via sqlplus

What my problem is
I can connect to the database of the same image within Docker for Windows but not on a linux host

What I did


c:\>docker pull wnameless/oracle-xe-11g
c:\>docker run -d -p 49160:22 -p 49161:1521 wnameless/oracle-xe-11g
c:\>docker exec -it f79f7aa5222c /bin/bash
root@f79f7aa5222c:/# sqlplus system/oracle


SQL*Plus: Release Production on Wed Jul 19 07:28:45 2017

Copyright (c) 1982, 2011, Oracle. All rights reserved.

Connected to: Oracle Database 11g Express Edition Release - 64bit Production


[xx@yy Docker]$ sudo docker pull wnameless/oracle-xe-11g
[xx@yy Docker]$ sudo docker run --shm-size=2g -d -p 49160:22 -p 49161:1521 wnameless/oracle-xe-11g
[xx@yy Docker]$ sudo docker exec -it cea28583cb1c /bin/bash
root@cea28583cb1c:/# sqlplus system/oracle


SQL*Plus: Release Production on Wed Jul 19 07:34:16 2017

Copyright (c) 1982, 2011, Oracle. All rights reserved.

ORA-01034: ORACLE not available
ORA-27101: shared memory realm does not exist
Linux-x86_64 Error: 2: No such file or directory
Process ID: 0
Session ID: 0 Serial number: 0

Infos Linux system:

docker info

[xx@yy Docker]$ sudo docker info
Containers: 1
Running: 1
Paused: 0
Stopped: 0
Images: 33
Server Version: 1.13.1
Storage Driver: devicemapper
Pool Name: docker-8:17-4460587-pool
Pool Blocksize: 65.54 kB
Base Device Size: 10.74 GB
Backing Filesystem: xfs
Data file: /dev/loop0
Metadata file: /dev/loop1
Data Space Used: 4.741 GB
Data Space Total: 107.4 GB
Data Space Available: 23.21 GB
Metadata Space Used: 4.289 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.143 GB
Thin Pool Minimum Free Space: 10.74 GB
Udev Sync Supported: true
Deferred Removal Enabled: false
Deferred Deletion Enabled: false
Deferred Deleted Device Count: 0
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
WARNING: Usage of loopback devices is strongly discouraged for production use. Use --storage-opt dm.thinpooldev to specify a custom block storage device.
Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
Library Version: 1.02.137 (2016-11-30)
Logging Driver: journald
Cgroup Driver: systemd
Volume: local
Network: bridge host macvlan null overlay
Authorization: rhel-push-plugin
Swarm: inactive
Runtimes: oci runc
Default Runtime: oci
Init Binary: /usr/libexec/docker/docker-init-current
containerd version: (expected: aa8187dbd3b7ad67d8e5e3a15115d3eef43a7ed1)
runc version: N/A (expected: 9df8b306d01f59d3a8029be411de015b7304dd8f)
init version: N/A (expected: 949e6facb77383876aeff8a6944dde66b3089574)
Security Options:
WARNING: You're not using the default seccomp profile
Profile: /etc/docker/seccomp.json
Kernel Version: 4.11.9-300.fc26.x86_64
Operating System: Fedora 26 (Workstation Edition)
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 3
CPUs: 8
Total Memory: 7.776 GiB
Name: yy.domain.de
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://registry.fedoraproject.org/v1/
Experimental: false
Insecure Registries:
Live Restore Enabled: false
Registries: registry.fedoraproject.org (secure), registry.access.redhat.com (secure), docker.io (secure)

Docker logs

[xx@yy Docker]$ sudo docker logs cea28583cb1c
Starting Oracle Net Listener.
Starting Oracle Database 11g Express Edition instance.
/usr/sbin/startup.sh: ignoring /docker-entrypoint-initdb.d/*


root@cea28583cb1c:/# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/docker-8:17-4460587-f479be876efbf45834ea013ac119d63629944a2b315c7cbe7da3a22c1b1e566e 10G 1.9G 8.2G 19% /
tmpfs 3.9G 0 3.9G 0% /dev
tmpfs 3.9G 0 3.9G 0% /sys/fs/cgroup
/dev/sdb1 110G 89G 17G 85% /etc/hosts
shm 2.0G 0 2.0G 0% /dev/shm
tmpfs 3.9G 0 3.9G 0% /sys/firmware


root@cea28583cb1c:/# stat /
File: '/'
Size: 253 Blocks: 0 IO Block: 4096 directory
Device: fd01h/64769d Inode: 131 Links: 22
Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2017-07-11 07:12:36.676904944 +0000
Modify: 2017-07-19 07:33:44.026249772 +0000
Change: 2017-07-19 07:33:44.216248030 +0000
Birth: -


xx@yy:/etc/selinux# lsnrctl status

LSNRCTL for Linux: Version - Production on 19-JUL-2017 11:30:37

Copyright (c) 1991, 2011, Oracle. All rights reserved.

Version TNSLSNR for Linux: Version - Production
Start Date 19-JUL-2017 07:33:46
Uptime 0 days 3 hr. 56 min. 51 sec
Trace Level off
Security ON: Local OS Authentication
Default Service XE
Listener Parameter File /u01/app/oracle/product/11.2.0/xe/network/admin/listener.ora
Listener Log File /u01/app/oracle/diag/tnslsnr/cea28583cb1c/listener/alert/log.xml
Listening Endpoints Summary...
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully

What I already tried

I tried both users, oracle and root.
I changed permissions of /u01/app/oracle to 755
I checked selinux, this seems not to be active/installed. At least thats what the docker info tells and I cant find sestatus command and /etc/selinux only contains semanage.conf.
I tried several different oracle images, same result in every container.

EDIT As requested, I tried starting oracle service myself:

service oracle-xe start

Result of alert_XE.log:

Starting ORACLE instance (normal)
Picked latch-free SCN scheme 3
Using LOG_ARCHIVE_DEST_1 parameter default value as USE_DB_RECOVERY_FILE_DEST
Autotune of undo retention is turned on.
ILAT =19
SYS auditing is disabled
Starting up:
Oracle Database 11g Express Edition Release - 64bit Production.
Using parameter settings in server-side spfile /u01/app/oracle/product/11.2.0/xe/dbs/spfileXE.ora
System parameters with non-default values:
sessions = 176
sga_target = 576M
control_files = "/u01/app/oracle/oradata/XE/control.dbf"
compatible = ""
db_recovery_file_dest = "/u01/app/oracle/fast_recovery_area"
db_recovery_file_dest_size= 10G
undo_management = "AUTO"
undo_tablespace = "UNDOTBS1"
remote_login_passwordfile= "EXCLUSIVE"
dispatchers = "(PROTOCOL=TCP) (SERVICE=XEXDB)"
shared_servers = 4
job_queue_processes = 4
audit_file_dest = "/u01/app/oracle/admin/XE/adump"
db_name = "XE"
open_cursors = 300
pga_aggregate_target = 195840K
diagnostic_dest = "/u01/app/oracle"

Solved the puzzle, finally.

It turned out that SELinux was active. I don't know how I missed that some weeks ago. I definitely checked that, but maybe I was within the container and not the host. So I ran the container with the --privileged flag and suddenly I can connect to the db.

Thanks for your comments and sorry that I posted it here, you are right @jww. I will make sure to only post programming questions here in the future. Sorry for that.

You can also edit /etc/sysconfig/docker and remove --selinux-enabled from options that's usually added by default. Then restart docker service:

sudo systemctl restart docker


sudo service docker restart

