[pkg-go] Bug#1030930: podman: DNS resolution fails in 'podman build' but works in 'podman run'

Kevin P. Fleming kevin at km6g.us
Thu Feb 9 12:55:44 GMT 2023 

Package: podman
Version: 4.3.1+ds1-5+b1
Severity: important

Dear Maintainer,

I am seeing DNS resolution fail when using 'podman build' but succeed when
using 'podman run', with a Dockerfile which contains the same commands I run
manually in the 'podman run'-launched shell.

Dockerfile
----------
FROM alpine:3.10
RUN cat /etc/resolv.conf
RUN apk add tar

'podman run'
----------
kpfleming at nvr21:~/ctr-dns$ podman run --rm -it alpine:3.10 /bin/sh
/ # cat /etc/resolv.conf
nameserver 10.0.2.3
nameserver 2001:470:8afe:255::2
options edns0 trust-ad
/ # apk add tar
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
fetch http://dl-
cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
(1/1) Installing tar (1.32-r1)
Executing busybox-1.30.1-r5.trigger
OK: 6 MiB in 15 packages
/ # exit

`podman build`
----------
kpfleming at nvr21:~/ctr-dns$ podman build .
STEP 1/3: FROM alpine:3.10
STEP 2/3: RUN cat /etc/resolv.conf
--> Using cache
6e684b0a8063a3c6ea051cc28b16ea19cc984ba9f154810cc3235d10e2ad4b2b
--> 6e684b0a806
STEP 3/3: RUN apk add tar
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.10/main: temporary error (try
again later)
WARNING: Ignoring http://dl-cdn.alpinelinux.org/alpine/v3.10/main: No such file
or directory
fetch http://dl-
cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.10/community: temporary error
(try again later)
WARNING: Ignoring http://dl-cdn.alpinelinux.org/alpine/v3.10/community: No such
file or directory
ERROR: unable to select packages:
  tar (no such package):
    required by: world[tar]
Error: building at STEP "RUN apk add tar": while running runtime: exit status 1

When I add 'strace' to the image and trace the 'apk' invocation, I see that the
DNS queries sent to the servers listed in /etc/resolv.conf both time out, when
using 'podman build'.

I have tested the 4.4 package from 'experimental' with no change in behavior.


-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-3-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages podman depends on:
ii  conmon                           2.1.3+ds1-1
ii  crun                             1.5+dfsg-1+b1
ii  golang-github-containers-common  0.50.1+ds1-4
ii  libc6                            2.36-8
ii  libdevmapper1.02.1               2:1.02.185-2
ii  libgpgme11                       1.18.0-3+b1
ii  libseccomp2                      2.5.4-1+b3
ii  libsubid4                        1:4.13+dfsg1-1
ii  runc                             1.1.4+ds1-1+b1

Versions of packages podman recommends:
ii  buildah            1.28.2+ds1-1
ii  catatonit          0.1.7-1+b1
ii  dbus-user-session  1.14.4-1
ii  fuse-overlayfs     1.9-1
ii  slirp4netns        1.2.0-1
ii  uidmap             1:4.13+dfsg1-1

Versions of packages podman suggests:
ii  containers-storage  1.43.0+ds1-7
pn  docker-compose      <none>
ii  iptables            1.8.9-2

-- no debconf information

More information about the Pkg-go-maintainers mailing list