Bug 1971677

Summary: Upgrade to podman podman-3.2.0-5.fc34.x86_64 breaks localhost network in rootless container
Product: [Fedora] Fedora
Reporter: Jan Pazdziora (Red Hat) <jpazdziora>
Component: podman
Assignee: Lokesh Mandvekar <lsm5>
Status: CLOSED DUPLICATE
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified
Priority: unspecified
Version: 34
CC: acui, bbaude, container-sig, debarshir, dwalsh, jnovy, jpazdziora, lsm5, mheon, patrick, pehunt, rh.container.bot, santiago
Target Milestone: ---
Keywords: Regression
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Last Closed: 2021-06-15 17:26:04 UTC
Type: Bug

Description Jan Pazdziora (Red Hat) 2021-06-14 14:25:19 UTC
Description of problem:

Upgrade to podman podman-3.2.0-5.fc34.x86_64 breaks localhost network in rootless container because the IP address set in /etc/hosts does not match the IP address of the tap0 interface.

Version-Release number of selected component (if applicable):

podman-3.2.0-5.fc34.x86_64

How reproducible:

Deterministic.

Steps to Reproduce:
1. Have Dockerfile

FROM registry.fedoraproject.org/fedora:34
RUN dnf install -y httpd
EXPOSE 80
ENTRYPOINT ["/usr/sbin/httpd", "-D", "FOREGROUND"]

2. Build image:
podman build -t httpd -f Dockerfile .

3. Run Apache in the container with a hostname:
podman run -d -h web.example.test --name httpd httpd

4. Try to talk to itself in the container:
podman exec httpd curl web.example.test | head

5. Check /etc/hosts in the container:
podman exec httpd grep web.example.test /etc/hosts

6. Check the actual IP address configured within the container:
podman exec httpd grep 10.0.2 /proc/net/fib_trie

Actual results:

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (7) Failed to connect to web.example.test port 80: Network is unreachable

10.0.2.2	web.example.test httpd

        +-- 10.0.2.0/24 2 0 1
           |-- 10.0.2.0
           |-- 10.0.2.100
           |-- 10.0.2.255
        +-- 10.0.2.0/24 2 0 1
           |-- 10.0.2.0
           |-- 10.0.2.100
           |-- 10.0.2.255

Expected results:

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0<!doctype html>
<html>
  <head>
    <meta charset='utf-8'>
    <meta name='viewport' content='width=device-width, initial-scale=1'>
    <title>Test Page for the HTTP Server on Fedora</title>
    <style type="text/css">
      /*<![CDATA[*/
      
      html {
100  8474  100  8474    0     0  1655k      0 --:--:-- --:--:-- --:--:-- 2068k

10.0.2.100	web.example.test httpd

        +-- 10.0.2.0/24 2 0 1
           |-- 10.0.2.0
           |-- 10.0.2.100
           |-- 10.0.2.255
        +-- 10.0.2.0/24 2 0 1
           |-- 10.0.2.0
           |-- 10.0.2.100
           |-- 10.0.2.255

Additional info:

This is a regression against podman-3.1.0-1.fc34.x86_64.

The IP address of the interface within the container is (still) 10.0.2.100 but the hostname entry in /etc/hosts does not match that.
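
A check for the mismatch described in this report, as an added example that is not part of the original bug report or of podman: it compares the address /etc/hosts gives the container hostname with the addresses the kernel marks `host LOCAL` in /proc/net/fib_trie. The sample inputs are constructed from the "Actual results" above (the unfiltered fib_trie lines are assumed to follow the usual kernel layout), and the function names are hypothetical.

```python
import ipaddress

# Constructed sample input, modelled on the "Actual results" in this report.
SAMPLE_HOSTS = "127.0.0.1\tlocalhost\n10.0.2.2\tweb.example.test httpd\n"
SAMPLE_FIB_TRIE = """\
Main:
  +-- 0.0.0.0/0 3 0 5
     |-- 0.0.0.0
        /0 universe UNICAST
     +-- 10.0.2.0/24 2 0 1
        |-- 10.0.2.0
           /24 link UNICAST
        |-- 10.0.2.100
           /32 host LOCAL
        |-- 10.0.2.255
           /32 link BROADCAST
"""

def local_addresses(fib_trie_text):
    """Return the IPv4 addresses the kernel marks 'host LOCAL' in fib_trie."""
    local, leaf = set(), None
    for line in fib_trie_text.splitlines():
        line = line.strip()
        if line.startswith("|--"):
            leaf = line.split()[1]          # address of the current leaf
        elif leaf and line.startswith("/32 host LOCAL"):
            local.add(ipaddress.ip_address(leaf))
    return local

def hosts_entries(hosts_text, name):
    """Return the IPv4 addresses /etc/hosts maps `name` to (comments ignored)."""
    found = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and name in fields[1:]:
            addr = ipaddress.ip_address(fields[0])
            if addr.version == 4:           # fib_trie only lists IPv4
                found.append(addr)
    return found

def check(hosts_text, fib_trie_text, name):
    """Return (ok, mapped, local); ok means every mapped address is local."""
    mapped = hosts_entries(hosts_text, name)
    local = local_addresses(fib_trie_text)
    return bool(mapped) and all(a in local for a in mapped), mapped, local

if __name__ == "__main__":
    ok, mapped, local = check(SAMPLE_HOSTS, SAMPLE_FIB_TRIE, "web.example.test")
    print("OK" if ok else "MISMATCH", [str(a) for a in mapped], sorted(map(str, local)))
```

To run it against a live container, pass the output of `podman exec httpd cat /etc/hosts` and `podman exec httpd cat /proc/net/fib_trie` to `check()` in place of the samples.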

Comment 2 Jan Pazdziora (Red Hat) 2021-06-15 16:31:02 UTC
Since this is about rootless containers, the Steps to Reproduce in comment 0 need to be run under a non-root user.

Comment 3 Matthew Heon 2021-06-15 17:26:04 UTC
Going to close this as a dupe of BZ1972073. Will be fixed upstream by https://github.com/containers/podman/pull/10684

*** This bug has been marked as a duplicate of bug 1972073 ***