macOS: Custom DNS resolvers in /etc/resolver not working in podman 5.3.1

[Stehsegler]

Issue Description

In my environment, I have to use an private DNS server for private domains in addition to the default public/internet DNS. I set this up on macOS by defining a custom resolver for the relevant domains in /etc/resolver. After updating podman to version 5.3.1 on the macOS host, private domains can no longer be resolved from within containers (or the Podman machine, for that matter). Downgrading to 5.3.0 on the host fixes the issue, no matter what podman version is running within the machine.

Steps to reproduce the issue

Steps to reproduce the issue

1. On macOS, create a custom DNS resolver in /etc/resolver pointing to a DNS server which is able to resolve domains your system's default DNS server cannot resolve.
2. Install podman 5.3.1, initialize a machine and start a container.
3. Within the container, try to resolve a domain from your custom DNS server.

Describe the results you received

Domain cannot be resolved.

Describe the results you expected

Domain can be resolved, as was the case with podman <= 5.3.0.

podman info output

`podman info` seems to collect information only from the podman instance within the machine, while the issue seems to be caused by the podman components on the macOS host. Therefore, I'll limit myself to some details of the host environment:

- OS: macOS 15.1.1 Sequoia
- Architecture: ARM64/Apple M3 Max
- Podman version: 5.3.1

Podman in a container

No

Privileged Or Rootless

None

Upstream Latest Release

Yes

Additional environment details

No response

Additional information

No response

[Luap99]

How did you install podman? There are no networking related changes in 5.3.1 compared to 5.3.0 AFAICT

[Stehsegler]

Using Homebrew. Switching back and forth between 5.3.0 and 5.3.1 multiple times, the presence/absence of the problem was consistent.

[Luap99]

Please try our installers https://github.com/containers/podman/releases/tag/v5.3.1 instead.

If it works there and not with brew you should report the issue there.

[nazarkulyk]

Currently inspecting same issue with resolving dns on 5.3.1
Worked today morning, but not now.

[baude]

Currently inspecting same issue with resolving dns on 5.3.1 Worked today morning, but not now.

also brew install or otherwise?

[Stehsegler]

Indeed, I cannot reproduce the issue using the official installer. Weird…

[Luap99]

It looks like the brew package updated gvproxy to v0.8.0
Homebrew/homebrew-core@449ead6

Our official installer is still on 0.7.5: https://github.com/containers/podman/blob/e72599b260f75e4569237ff3ccdd8338760eee42/contrib/pkginstaller/Makefile#L9

https://github.com/containers/gvisor-tap-vsock/releases/tag/v0.8.1 mentions a few dns related fixes so maybe try with that otherwise we should report this there.

[Stehsegler]

Update: The originally described issue persists for me for Podman 5.3.2 when installing from homebew (which ships gvproxy 0.8.2).

The official installer for Podman 5.3.2 still seems to include gvproxy 0.7.5:

https://github.com/containers/podman/blob/85043bb1a3818102194afa82845cb63841067c9c/contrib/pkginstaller/Makefile#L9

However, I assume that a bump to the 0.8.x line (and thus the problem also affecting the official installer) will only be a matter of time. main already seems to be on gvproxy 0.8.1:

https://github.com/containers/podman/blob/55f7efc40807be2f469bc05abc0e178dd3b4efb1/contrib/pkginstaller/Makefile#L9

[Luap99]

Yes this sounds like a gvproxy problem so I move the issue there

cc @cfergeau