OSX DNS ignored for login

[frolundo]

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

I am trying to log into a container registry, where its DNS name is not resolvable using the resolvers listed in /etc/resolv.conf. However OSX has no problem connecting to it by name.
This appears to be a reincarnation of bug: #12975

podman login works inside the podman machine

Steps to reproduce the issue:

1. Have a (gitlab) container registry that is not resolvable using the nameservers in /etc/resolv.conf

2. podman login gitlab-registry.example.org

3. Observe podman-remote talking to the nameserver in /etc/resolv.conf, and then reporting "no such host" in the debug logs.

Describe the results you received:

➜  bin podman login -u XXXX -p XXXX  gitlab-registry.XXXX.XX --log-level=debug
INFO[0000] podman filtering at log level debug
DEBU[0000] Called login.PersistentPreRunE(podman login -u XXXX -p XXXX gitlab-registry.XXXX.XX --log-level=debug)
DEBU[0000] SSH Ident Key "/Users/XXXX/.ssh/podman-machine-default" SHA256:XXXX ssh-ed25519
DEBU[0000] Found SSH_AUTH_SOCK "/private/tmp/com.apple.launchd.LDyuOqrHbs/Listeners", ssh-agent signer(s) enabled
DEBU[0000] DoRequest Method: GET URI: http://d/v4.2.1/libpod/_ping
DEBU[0000] Loading registries configuration "/etc/containers/registries.conf"
DEBU[0000] Found credentials for gitlab-registry.XXXX.XX in credential helper containers-auth.json in file /Users/XXXX/.config/containers/auth.json
DEBU[0000] Looking for TLS certificates and private keys in /etc/docker/certs.d/gitlab-registry.XXXX.XX
DEBU[0000] GET https://gitlab-registry.XXXX.XX/v2/
DEBU[0000] Ping https://gitlab-registry.XXXX.XX/v2/ err Get "https://gitlab-registry.XXXX.XX/v2/": dial tcp: lookup gitlab-registry.XXXX.XX on 192.168.31.1:53: no such host (&url.Error{Op:"Get", URL:"https://gitlab-registry.XXXX.XX/v2/", Err:(*net.OpError)(0xc0003621e0)})
DEBU[0000] GET https://gitlab-registry.XXXX.XX/v1/_ping
DEBU[0000] Ping https://gitlab-registry.XXXX.XX/v1/_ping err Get "https://gitlab-registry.XXXX.XX/v1/_ping": dial tcp: lookup gitlab-registry.XXXX.XX on 192.168.31.1:53: no such host (&url.Error{Op:"Get", URL:"https://gitlab-registry.XXXX.XX/v1/_ping", Err:(*net.OpError)(0xc0000a43c0)})
Error: authenticating creds for "gitlab-registry.XXXX.XX": pinging container registry gitlab-registry.XXXX.XX: Get "https://gitlab-registry.XXXX.XX/v2/": dial tcp: lookup gitlab-registry.XXXX.XX on 192.168.31.1:53: no such host

Describe the results you expected:
I would expect login to find the registry. I managed to login using v 4.1.1 version, but latest versions (4.2.1 and 4.3.0) seem to have this issue.

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

➜  bin podman version
Client:       Podman Engine
Version:      4.2.1
API Version:  4.2.1
Go Version:   go1.18.6
Built:        Tue Sep  6 23:16:02 2022
OS/Arch:      darwin/amd64

Server:       Podman Engine
Version:      4.2.1
API Version:  4.2.1
Go Version:   go1.18.5
Built:        Wed Sep  7 23:58:19 2022
OS/Arch:      linux/amd64

Output of podman info:

host:
  arch: amd64
  buildahVersion: 1.27.0
  cgroupControllers:
  - cpu
  - io
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.4-3.fc36.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.4, commit: '
  cpuUtilization:
    idlePercent: 94.08
    systemPercent: 3.51
    userPercent: 2.41
  cpus: 1
  distribution:
    distribution: fedora
    variant: coreos
    version: "36"
  eventLogger: journald
  hostname: localhost.localdomain
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 1000000
    uidmap:
    - container_id: 0
      host_id: 502
      size: 1
    - container_id: 1
      host_id: 100000
      size: 1000000
  kernel: 5.19.15-201.fc36.x86_64
  linkmode: dynamic
  logDriver: journald
  memFree: 1369145344
  memTotal: 2066890752
  networkBackend: netavark
  ociRuntime:
    name: crun
    package: crun-1.6-2.fc36.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 1.6
      commit: 18cf2efbb8feb2b2f20e316520e0fd0b6c41ef4d
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  remoteSocket:
    exists: true
    path: /run/user/502/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: true
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.2.0-0.2.beta.0.fc36.x86_64
    version: |-
      slirp4netns version 1.2.0-beta.0
      commit: 477db14a24ff1a3de3a705e51ca2c4c1fe3dda64
      libslirp: 4.6.1
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.3
  swapFree: 0
  swapTotal: 0
  uptime: 0h 5m 36.00s
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  volume:
  - local
registries:
  search:
  - docker.io
store:
  configFile: /var/home/core/.config/containers/storage.conf
  containerStore:
    number: 0
    paused: 0
    running: 0
    stopped: 0
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /var/home/core/.local/share/containers/storage
  graphRootAllocated: 106825756672
  graphRootUsed: 2290540544
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 0
  runRoot: /run/user/502/containers
  volumePath: /var/home/core/.local/share/containers/storage/volumes
version:
  APIVersion: 4.2.1
  Built: 1662580699
  BuiltTime: Wed Sep  7 23:58:19 2022
  GitCommit: ""
  GoVersion: go1.18.5
  Os: linux
  OsArch: linux/amd64
  Version: 4.2.1

Package info (e.g. output of rpm -q podman or apt list podman or brew info podman):

➜  bin brew info podman
==> podman: stable 4.2.1 (bottled), HEAD
Tool for managing OCI containers and pods
https://podman.io/
/usr/local/Cellar/podman/4.2.1 (178 files, 48.5MB) *
  Poured from bottle on 2022-10-19 at 22:37:49
From: https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/podman.rb
License: Apache-2.0
==> Dependencies
Build: go-md2man ✔, [email protected] ✔
Required: qemu ✔
==> Options
--HEAD
	Install HEAD version
==> Caveats
zsh completions have been installed to:
  /usr/local/share/zsh/site-functions
==> Analytics
install: 18,345 (30 days), 64,022 (90 days), 211,881 (365 days)
install-on-request: 17,651 (30 days), 62,205 (90 days), 209,677 (365 days)
build-error: 0 (30 days)

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)

Yes

Additional environment details (AWS, VirtualBox, physical, etc.):

sw_vers
ProductName:	macOS
ProductVersion:	11.6.7
BuildVersion:	20G630

uname -a
Darwin 20.6.0 Darwin Kernel Version 20.6.0: Tue Apr 19 21:04:45 PDT 2022; root:xnu-7195.141.29~1/RELEASE_X86_64 x86_64

[mheon]

@ashley-cui PTAL

[github-actions]

A friendly reminder that this issue had no activity for 30 days.

[frolundo]

Bump issue due to lqck of response.

[ashley-cui]

Looks like a regression in our Makefile, where CGO isn't enabled for Darwin builds. I'm on it!

Thanks for the bump @andrunah, sorry for the late response :)

[github-actions]

A friendly reminder that this issue had no activity for 30 days.

[rhatdan]

Still being worked on in PR.

[github-actions]

A friendly reminder that this issue had no activity for 30 days.

[rhatdan]

I am imaginging this is fixed, so closing, Reopen if I am misaken.

[frolundo]

@rhatdan linked MR is not merged, how did you decided it's fixed?

[rhatdan]

Over zealus I guess.

[rhatdan]

@ashley-cui Any update on the PR.

[ashley-cui]

Spent a day trying to get it through our CI, but it works on my machine and not in CI. I think it might be best to just fix this in homebrew packaging at this point, let me see if I can do it there this week and get this closed out.

[atamanroman]

Please correct me if I'm wrong, but this seems to be fixed with golang/go#12524

[ashley-cui]

yes, but the fix requires go1.20, which we are not yet on

[atamanroman]

The homebrew bottles are built with go 1.20.x.
So the released artifacts here might still be affected, but the Homebrew bottled install looks good.

▲ podman version
Client:       Podman Engine
Version:      4.5.0
API Version:  4.5.0
Go Version:   go1.20.3
Git Commit:   75e3c12579d391b81d871fd1cded6cf0d043550a
Built:        Fri Apr 14 15:28:20 2023
OS/Arch:      darwin/amd64

Server:       Podman Engine
Version:      4.5.0
API Version:  4.5.0
Go Version:   go1.20.2
Built:        Fri Apr 14 17:42:22 2023
OS/Arch:      linux/amd64

Thought his info might be helpful for someone else.

[ashley-cui]

My apologies, you are correct! Closing, thanks!