Package: podman Version: 3.4.1+ds1-2 Severity: normal X-Debbugs-Cc: i...@debian.org
Dear Maintainer, Somewhere between the bullseye version and current unstable, "iptables" became a suggets, instead of a reccommends. Looking at the changelogs I wasn't exactly clear why, but this appears to make "podman run" not work by default [1]: --- 2021-10-28 03:35:56.042 | ++ podman run -d dib-work-image /bin/sh 2021-10-28 03:35:56.241 | time="2021-10-28T03:35:56Z" level=error msg="error loading cached network config: network \"podman\" not found in CNI cache" 2021-10-28 03:35:56.241 | time="2021-10-28T03:35:56Z" level=warning msg="falling back to loading from existing plugins on disk" 2021-10-28 03:35:56.249 | time="2021-10-28T03:35:56Z" level=error msg="Error tearing down partially created network namespace for container a7a992e5399d8a8537d945684ac5193b762b2dbf18f29cd3aa724c389158fb65: error removing pod cool_almeida_cool_almeida from CNI network \"podman\": could not initialize iptables protocol 0: exec: \"iptables\": executable file not found in $PATH" 2021-10-28 03:35:56.262 | Error: error configuring network namespace for container a7a992e5399d8a8537d945684ac5193b762b2dbf18f29cd3aa724c389158fb65: error adding pod cool_almeida_cool_almeida to CNI network "podman": failed to locate iptables: exec: "iptables": executable file not found in $PATH --- I have pulled in the unstable version to workaround bug #994451 which is how I noticed. We use --install-recommends in our CI I had a poke through the changelog but it wasn't clear why this was changed. I am not doing anything fancy with the networking, but I will admit it's a bit convoluted. Basically we are building an image inside a container; so we use "cgroup_manager=cgroupfs" [2]. I can just add iptables [3] but it would be helpful to know what is going on Thanks, -i [1] https://f480170607f99217bcc4-4f7bc0337492030d99b06b8cb4e22e06.ssl.cf5.rackcdn.com/815574/6/check/dib- nodepool-functional-openstack-fedora-35-containerfile- src/144981a/nodepool/builds/test-image-0000000001.log [2] https://opendev.org/zuul/nodepool/src/branch/master/Dockerfile#L102 [3] https://review.opendev.org/c/zuul/nodepool/+/815766 -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386, arm64 Kernel: Linux 5.14.0-2-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_FIRMWARE_WORKAROUND Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU:en Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages podman depends on: pn conmon <none> ii containerd.io [runc] 1.4.11-1 pn containernetworking-plugins <none> pn golang-github-containers-common <none> ii init-system-helpers 1.60 ii libc6 2.32-4 ii libdevmapper1.02.1 2:1.02.175-2.1 ii libgpgme11 1.16.0-1.1 ii libseccomp2 2.5.2-2 Versions of packages podman recommends: pn buildah <none> pn catatonit | tini | dumb-init <none> pn fuse-overlayfs <none> pn golang-github-containernetworking-plugin-dnsname <none> ii slirp4netns 1.0.1-2 pn uidmap <none> Versions of packages podman suggests: pn containers-storage <none> pn docker-compose <none> ii iptables 1.8.7-1
