Invalid host socket when switching rootful mode on macOS

[benoitf]

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

With podman and machines, we can configure the rootless/rootful mode.
But if I configure the machine in rootful mode, the macOS host socket is still bound to the rootless mode

Steps to reproduce the issue:

1. Create default machine (podman machine init) + podman machine start
2. make it rootful : podman machine set --rootful
3. run a command like podman run docker.io/httpd
4. Check the containers available on the host socket:

curl -s -X GET --unix-socket $HOME/.local/share/containers/podman/machine/podman-machine-default/podman.sock "http:///libpod/containers/json" | jq

the container is not listed

Describe the results you received:
the container is not listed from the podman.sock on the host

Describe the results you expected:
the container should be listed from the podman.sock as it should be mapped to the rootful socket.

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

Client:       Podman Engine
Version:      4.0.3
API Version:  4.0.3
Go Version:   go1.18
Built:        Fri Apr  1 17:28:59 2022
OS/Arch:      darwin/amd64

Output of podman info --debug:

(paste your output here)

Package info (e.g. output of rpm -q podman or apt list podman):

(paste your output here)

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)

Yes/No

Additional environment details (AWS, VirtualBox, physical, etc.):

[Luap99]

Does it work after machine stop && machine start again? I am not sure if we can change the socket while the VM is running.

[benoitf]

on restart yes. But without restart, clients using the socket will display different containers/images than the podman container or podman images CLI

If it's not possible to change the socket, probably it should imply a restart of the machine.

when restarting it'll use the right socket

INFO[0013] Socket forward established: /Users/benoitf/.local/share/containers/podman/machine/podman-machine-default/podman.sock to /run/podman/podman.sock
API forwarding listening on: /Users/benoitf/.local/share/containers/podman/machine/podman-machine-default/podman.sock

while in rootless mode

INFO[0012] Socket forward established: /Users/benoitf/.local/share/containers/podman/machine/podman-machine-default/podman.sock to /run/user/501/podman/podman.sock

[Luap99]

@baude @n1hility Is it possible to change the socket while the VM is running?

If not we should at least document this or automatically restart the machine as @benoitf suggested.

[n1hility]

Right it just stages the change, you have to restart for it to take affect. It should probably print something here. Alternatively we could detect if the machine instance is running and disallow changes. IMO it doesn't make sense to automatically restart since its destructive and unexpected.

[benoitf]

I'm fine also on the proposal to disallow changes on a running machine.

In all cases I'm expecting consistency between CLI and socket.

Because for now CLI may not use what is provided by the socket. (cli is switched on the fly while socket require a restart)

[n1hility]

Ah yes good point that the CLI changes immediately, that points to just disallowing when running