podman machine (v5.0.0-rc3) fails to start on MacOS

[germag]

Issue Description

podman v5.0.0-rc3, fail to start the default machine:

$ podman machine start
Starting machine "podman-machine-default"
Error: vfkit exited unexpectedly with exit code 1

On an M2 machine with Sonoma 14.3.1
(Sorry if this is expected due a to a missing step, I'm not familiar with MacOS)

Steps to reproduce the issue

Steps to reproduce the issue

1. Install podman v5.0.0-rc3 on MacOS from the github release page: https://github.com/containers/podman/releases
2. Set the policy file:

curl https://raw.githubusercontent.com/containers/image/main/default-policy.json -o ~/.config/containers/policy.json

3. Init default podman machine: podman machine init
4. Start default podman machine: podman machine start

Describe the results you received

Just running podman machine start I got:

Starting machine "podman-machine-default"
Error: vfkit exited unexpectedly with exit code 1

but, running vfkit directly with debug enabled:

/opt/podman/bin/vfkit \
	--log-level debug \
	--cpus 4 \
	--memory 2048 \
	--bootloader efi,variable-store=/Users/german/.local/share/containers/podman/machine/applehv/efi-bl-podman-machine-default,create \
	--device virtio-blk,path=/Users/german/.local/share/containers/podman/machine/applehv/podman-machine-default-arm64.raw \
	--device virtio-rng \
	--device virtio-fs,sharedDir=/Users,mountTag=Users \
	--restful-uri tcp://localhost:49568 \
	--device virtio-gpu,width=800,height=600 \
	--device virtio-input,pointing \
	--device virtio-input,keyboard \
	--gui \

I got:

Error: Error Domain=VZErrorDomain Code=2 Description="Invalid virtual machine configuration. The process doesn’t have the “com.apple.security.virtualization” entitlement." UserInfo={
    NSLocalizedFailure = "Invalid virtual machine configuration.";
    NSLocalizedFailureReason = "The process doesn\U2019t have the \U201ccom.apple.security.virtualization\U201d entitlement.";
}

( I think it could be useful to also pass --log-level debug to vfkit if podman ran with the same level)

Describe the results you expected

default podman machine to start

podman info output

podman info output:

OS: darwin/arm64
provider: applehv
version: 5.0.0-rc3

podman machine info output:

host:
  arch: arm64
  currentmachine: podman-machine-default
  defaultmachine: podman-machine-default
  eventsdir: /var/folders/wn/wq9m0yd12kncff7fzt87hnrc0000gn/T/storage-run-501/podman
  machineconfigdir: /Users/german/.config/containers/podman/machine/applehv
  machineimagedir: /Users/german/.local/share/containers/podman/machine/applehv
  machinestate: Stopped
  numberofmachines: 1
  os: darwin
  vmtype: applehv
version:
  apiversion: 5.0.0-rc3
  version: 5.0.0-rc3
  goversion: go1.22.0
  gitcommit: 54795efeb7baedc03f414c86f34ab17ccb1d3f4f
  builttime: Thu Feb 22 22:05:39 2024
  built: 1708635939
  osarch: darwin/arm64
  os: darwin

This is an M2 machine with Sonoma 14.3.1

Podman in a container

No

Privileged Or Rootless

None

Upstream Latest Release

Yes

Additional environment details

No response

Additional information

No response

[germag]

@cfergeau

[cfergeau]

Where did you get the vfkit binary from?

[cfergeau]

The 2 binaries from https://github.com/crc-org/vfkit/releases/tag/v0.5.1 don't have this problem. If I remember correctly, the release page briefly had a vfkit binary without the needed entitlement though (ie it would have the issue you describe here), but I fixed this a few days later

[germag]

Where did you get the vfkit binary from?

It came with the podman pkg:

https://github.com/containers/podman/releases/download/v5.0.0-rc3/podman-installer-macos-arm64.pkg

[cfergeau]

Where did you get the vfkit binary from?

It came with the podman pkg:

https://github.com/containers/podman/releases/download/v5.0.0-rc3/podman-installer-macos-arm64.pkg

I think something like #21843 is needed - I'm not sure how to test it, so that's likely slightly wrong.

@ashley-cui fwiw

[Austin-Shep]

Im encountering this issue using the latest version downloaded for the first time yesterday, never used podman or any containers before so maybe i did it wrong. Installed the tools, followed the instructions and got to podman machine start then it does this

Starting machine "podman-machine-default"
Error: vfkit exited unexpectedly with exit code 1

sw_vers:

ProductName:		macOS
ProductVersion:		14.4.1
BuildVersion:		23E224

and
podman info

OS: darwin/amd64
provider: applehv
version: 5.0.0

Cannot connect to Podman. Please verify your connection to the Linux system using `podman system connection list`, or try `podman machine init` and `podman machine start` to manage a new Linux VM
Error: unable to connect to Podman socket: failed to connect: dial tcp 127.0.0.1:49969: connect: connection refused

[caioariede]

@Austin-Shep any luck? I'm having the same issue

[cfergeau]

Can you try podman machine reset, and then podman machine init, podman machine start --log-level debug?

[cfergeau]

Better to open a new issue by the way, as this one is fixed.

[aleleba]

I have the same issue with Podman it works like an an hour and the give me this error, I am running the podman version 5.0.2, hope this will be fixed soon, hope you are doing well

[cfergeau]

I have the same issue with Podman it works like an an hour and the give me this error, I am running the podman version 5.0.2, hope this will be fixed soon, hope you are doing well

Please open a new issue for this.

[caioariede]

Just keep in mind that, from my experience, it seems to be related to macOS Monterey, or older

[cfergeau]

Ah yes, podman requires macOS 13+ as there is no UEFI support in macOS virtualization framework before this. We should add a version check to the installer if it's not there yet.

[aleleba]

I am using MacOS Sonoma 14.4.1 (23E224)

[aleleba]

This are my logs

Starting machine "podman-machine-default"

Error: vfkit exited unexpectedly with exit code 1

Starting machine "podman-machine-default"25

Error: vfkit exited unexpectedly with exit code 1

Command execution failed with exit code 125