[pkg-go] Bug#1115347: podman: Please add a warning that upgrading from Bookworm to Trixie may break user containers due to new default rootless network "pasta"
Timo Sigurdsson
public_timo.s at silentcreek.de
Mon Sep 15 20:57:01 BST 2025
Package: podman
Version: 5.4.2+ds1-2+b1
Severity: normal
Dear Maintainer,
I upgraded one of my Debian machines to Trixie and ran into some unexpected difficulties with podman. These were not mentioned in the Trixie release notes or the package's NEWS.Debian file.
1) After the upgrade, I noticed that my rootless user containers wouldn't start anymore. It turned out that podman couldn't find the command pasta. Now you could argue that this is a non-default setup that doesn't have all recommended packages installed. But the release notes have such warnings for other packages that may break if recommended packages aren't installed (e.g. systemd-cryptsetup or linux-sysctl-default).
2) But more importantly, even if you install the passt package, the new network command introduces breaking changes to rootless user containers - namely, they cannot communicate with the host anymore by default. I run a reverse proxy on the host that the containers need to reach, so none of my containers were accessible anymore with the change to pasta. I think this should be documented better to avoid unnecessary headaches for other podman users upgrading from Bookworm. While I found this [1] explanation online, it would have been much easier or less time-consuming if it had been mentioned in the NEWS.Debian file.
[1] https://blog.podman.io/2024/03/podman-5-0-breaking-changes-in-detail/
Hence, I recommend adding a user-visible warning about the pitfalls that come with pasta as the new network driver for rootless user containers.
Thanks and regards,
Timo