Description of problem: When using "podman build" as a non-root user the new container is unable to connect to the internet. Adding --net host doesn't help. It works fine when run as root. Version-Release number of selected component (if applicable): podman-1.1.2-1.git0ad9b6b.fc29.x86_64 How reproducible: Always. Steps to Reproduce: 1. Create a Dockerfile with this content: FROM ubuntu:16.04 RUN apt-get update RUN apt-get -y install libz-dev 2. As a non-root user, run "podman build ." in the same directory as the Dockerfile 3. Be disappoint. Actual results: The apt-get processes in the container fail to download anything: STEP 1: FROM ubuntu:16.04 Getting image source signatures Copying blob 34667c7e4631: 41.54 MiB / 41.54 MiB [==========================] 5s Copying blob d18d76a881a4: 852 B / 852 B [==================================] 5s Copying blob 119c7358fbfc: 529 B / 529 B [==================================] 5s Copying blob 2aaf13f3eff0: 169 B / 169 B [==================================] 5s Copying config 9361ce633ff1: 3.32 KiB / 3.32 KiB [==========================] 0s Writing manifest to image destination Storing signatures STEP 2: RUN apt-get update Err:1 http://archive.ubuntu.com/ubuntu xenial InRelease Temporary failure resolving 'archive.ubuntu.com' Err:2 http://security.ubuntu.com/ubuntu xenial-security InRelease Temporary failure resolving 'security.ubuntu.com' Err:3 http://archive.ubuntu.com/ubuntu xenial-updates InRelease Temporary failure resolving 'archive.ubuntu.com' Err:4 http://archive.ubuntu.com/ubuntu xenial-backports InRelease Temporary failure resolving 'archive.ubuntu.com' Reading package lists... Done W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/xenial/InRelease Temporary failure resolving 'archive.ubuntu.com' W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/xenial-updates/InRelease Temporary failure resolving 'archive.ubuntu.com' W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/xenial-backports/InRelease Temporary failure resolving 'archive.ubuntu.com' W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/xenial-security/InRelease Temporary failure resolving 'security.ubuntu.com' W: Some index files failed to download. They have been ignored, or old ones used instead. --> d14a2cb289a4f2eb3fd1651cbac5e4515fae4dfdd56ab7fb4a6a70ad4bdbe3fe STEP 3: FROM d14a2cb289a4f2eb3fd1651cbac5e4515fae4dfdd56ab7fb4a6a70ad4bdbe3fe STEP 4: RUN apt-get -y install libz-dev Reading package lists... Done Building dependency tree Reading state information... Done E: Unable to locate package libz-dev error building at step {Env:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin] Command:run Args:[apt-get -y install libz-dev] Flags:[] Attrs:map[] Message:RUN apt-get -y install libz-dev Original:RUN apt-get -y install libz-dev}: error while running runtime: exit status 100 Expected results: Container connects to the internet. Additional info: I get the same results running buildah commands manually: $ buildah from ubuntu:16.04 ubuntu-working-container cont$ buildah run ubuntu-working-container apt-get update Err:1 http://archive.ubuntu.com/ubuntu xenial InRelease Temporary failure resolving 'archive.ubuntu.com' Err:2 http://security.ubuntu.com/ubuntu xenial-security InRelease Temporary failure resolving 'security.ubuntu.com' Err:3 http://archive.ubuntu.com/ubuntu xenial-updates InRelease Temporary failure resolving 'archive.ubuntu.com' Err:4 http://archive.ubuntu.com/ubuntu xenial-backports InRelease Temporary failure resolving 'archive.ubuntu.com' Reading package lists... Done W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/xenial/InRelease Temporary failure resolving 'archive.ubuntu.com' W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/xenial-updates/InRelease Temporary failure resolving 'archive.ubuntu.com' W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/xenial-backports/InRelease Temporary failure resolving 'archive.ubuntu.com' W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/xenial-security/InRelease Temporary failure resolving 'security.ubuntu.com' W: Some index files failed to download. They have been ignored, or old ones used instead. However, that can be fixed by adding --net host to the run commands: $ buildah run --net host ubuntu-working-container apt-get update Get:1 http://security.ubuntu.com/ubuntu xenial-security InRelease [109 kB] Get:2 http://archive.ubuntu.com/ubuntu xenial InRelease [247 kB] Get:3 http://archive.ubuntu.com/ubuntu xenial-updates InRelease [109 kB] Get:4 http://archive.ubuntu.com/ubuntu xenial-backports InRelease [107 kB] Get:5 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages [795 kB] Get:6 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages [1558 kB] Get:7 http://security.ubuntu.com/ubuntu xenial-security/restricted amd64 Packages [12.7 kB] Get:8 http://security.ubuntu.com/ubuntu xenial-security/universe amd64 Packages [545 kB] Get:9 http://security.ubuntu.com/ubuntu xenial-security/multiverse amd64 Packages [6117 B] Get:10 http://archive.ubuntu.com/ubuntu xenial/restricted amd64 Packages [14.1 kB] Get:11 http://archive.ubuntu.com/ubuntu xenial/universe amd64 Packages [9827 kB] Get:12 http://archive.ubuntu.com/ubuntu xenial/multiverse amd64 Packages [176 kB] Get:13 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages [1189 kB] Get:14 http://archive.ubuntu.com/ubuntu xenial-updates/restricted amd64 Packages [13.1 kB] Get:15 http://archive.ubuntu.com/ubuntu xenial-updates/universe amd64 Packages [953 kB] Get:16 http://archive.ubuntu.com/ubuntu xenial-updates/multiverse amd64 Packages [19.0 kB] Get:17 http://archive.ubuntu.com/ubuntu xenial-backports/main amd64 Packages [7942 B] Get:18 http://archive.ubuntu.com/ubuntu xenial-backports/universe amd64 Packages [8532 B] Fetched 15.7 MB in 2s (5803 kB/s) Reading package lists... Done Adding --net host to the "podman build" command doesn't help though. This appears to be the same issue as https://github.com/containers/libpod/issues/2572 and is fixed by making podman pass --net host to the buildah commands it runs. Could that patch please be backported to the f29 package, so that using podman-build rootless actually works?
The issue is solved upstream, we need a new build
podman-1.3.1-1.git7210727.fc29 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2019-fe6ef87556
podman-1.3.1-1.git7210727.fc30 has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-a0ddb8df76
podman-1.3.1-1.git7210727.fc30 has been pushed to the Fedora 30 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-a0ddb8df76
podman-1.3.1-1.git7210727.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-fe6ef87556
podman-1.3.1-1.git7210727.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report.
podman-1.3.1-1.git7210727.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.