--dns does not work with --network network-name #26812
Description
Issue Description
podman-run's man page says for --dns: This option cannot be combined with --network that is set to none or container:id. This should mean it does work with supplying a network name to --network.
Steps to reproduce the issue
Therefore I'd expect these two runs of podman-run to generate the same output, but they don't:
% podman --version
podman version 4.9.3
% podman network create --ipv6 --subnet 192.168.123.0/24 test
test
% podman run -it --dns=10.17.130.185 alpine:3.22 cat /etc/resolv.conf
search <our-domain>
nameserver 10.17.130.185
% podman run -it --dns=10.17.130.185 --network test alpine:3.22 cat /etc/resolv.conf
search dns.podman
nameserver 192.168.123.1
nameserver fd1d:5007:e6a8:9f6c::1
This is on a bare metal machine with an older version of podman. Similarly:
% sudo podman run -it --privileged -v /var/lib/containers:/var/lib/containers alpine:3.22
# sed -i -e s/https/http/g /etc/apk/repositories
# apk add -q podman iptables
# podman --version
podman version 5.5.2
# podman network create --ipv6 --subnet 192.168.123.0/24 test
test
# podman run -it --dns=10.17.130.185 alpine:3.22 cat /etc/resolv.conf
search <our-domain>
nameserver 10.17.130.185
# podman run -it --dns=10.17.130.185 --network test alpine:3.22 cat /etc/resolv.conf
search dns.podman <our-domain>
nameserver 192.168.123.1
nameserver fd8f:8511:fa2d:ed05::1
(This is more of an issue for me than just convenience since I fail to set up /etc/resolv.conf with quadlets and a separate network. But I seem to need to do this to circumvent #18783 or something similar that keeps aadvark-dns from working in an lxc container.)
Describe the results you received
/etc/resolv.conf not reflecting --dns.
Describe the results you expected
/etc/resolv.conf reflecting --dns.
podman info output
For the 5.5.2 call:
host: 10:38:20 [74/229]
arch: amd64
buildahVersion: 1.40.1
cgroupControllers:
- cpuset
- cpu
- io
- memory
- hugetlb
- pids
cgroupManager: cgroupfs
cgroupVersion: v2
conmon:
package: conmon-2.1.13-r0
path: /usr/bin/conmon
version: 'conmon version 2.1.13, commit: unknown'
cpuUtilization:
idlePercent: 97.94
systemPercent: 0.51
userPercent: 1.56
cpus: 144
databaseBackend: sqlite
distribution:
distribution: alpine
version: 3.22.1
eventLogger: file
freeLocks: 2043
hostname: 9b35563c2361
idMappings:
gidmap: null
uidmap: null
kernel: 6.8.0-54-generic
linkmode: dynamic
logDriver: k8s-file
memFree: 307992858624
memTotal: 1082046652416
networkBackend: netavark
networkBackendInfo:
backend: netavark
dns:
package: aardvark-dns-1.15.0-r0
path: /usr/libexec/podman/aardvark-dns
version: aardvark-dns 1.15.0
package: netavark-1.15.2-r0
path: /usr/libexec/podman/netavark
version: netavark 1.15.2
ociRuntime:
name: crun
package: crun-1.23.1-r0
path: /usr/bin/crun
version: |-
crun version 1.23.1
commit: d20b23dba05e822b93b82f2f34fd5dada433e0c2
rundir: /run/crun
spec: 1.0.0
+SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
os: linux
pasta:
executable: /usr/bin/pasta
package: passt-2025.05.12-r0
version: |
pasta 2025_05_12.8ec1341
Copyright Red Hat
GNU General Public License, version 2 or later
<https://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software: you are free to change and redistribute it. 10:38:20 [9/229]
There is NO WARRANTY, to the extent permitted by law.
remoteSocket:
exists: true
path: /run/podman/podman.sock
rootlessNetworkCmd: pasta
security:
apparmorEnabled: false
capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
rootless: false
seccompEnabled: true
seccompProfilePath: /etc/containers/seccomp.json
selinuxEnabled: false
serviceIsRemote: false
slirp4netns:
executable: ""
package: ""
version: ""
swapFree: 209789087744
swapTotal: 240518139904
uptime: 4007h 13m 13.00s (Approximately 166.96 days)
variant: ""
plugins:
authorization: null
log:
- k8s-file
- none
- passthrough
network:
- bridge
- macvlan
- ipvlan
volume:
- local
registries:
search:
- docker.io
store:
configFile: /etc/containers/storage.conf
containerStore:
number: 5
paused: 0
running: 1
stopped: 4
graphDriverName: overlay
graphOptions:
overlay.mountopt: nodev
graphRoot: /var/lib/containers/storage
graphRootAllocated: 5674161012736
graphRootUsed: 4860805120
graphStatus:
Backing Filesystem: zfs
Native Overlay Diff: "true"
Supports d_type: "true"
Supports shifting: "true"
Supports volatile: "true"
Using metacopy: "false"
imageCopyTmpDir: /var/tmp
imageStore:
number: 1
runRoot: /run/containers/storage
transientStore: false
volumePath: /var/lib/containers/storage/volumes
version:
APIVersion: 5.5.2
Built: 1754648164
BuiltTime: Fri Aug 8 10:16:04 2025
GitCommit: ""
GoVersion: go1.24.6
Os: linux
OsArch: linux/amd64
Version: 5.5.2
For the 4.9.3 call:
:
arch: amd64
buildahVersion: 1.33.7
cgroupControllers:
- cpu
- memory
- pids
cgroupManager: systemd
cgroupVersion: v2
conmon:
package: conmon_2.1.10+ds1-1build2_amd64
path: /usr/bin/conmon
version: 'conmon version 2.1.10, commit: unknown'
cpuUtilization:
idlePercent: 97.94
systemPercent: 0.51
userPercent: 1.56
cpus: 144
databaseBackend: sqlite
distribution:
codename: noble
distribution: ubuntu
version: "24.04"
eventLogger: journald
freeLocks: 1544
hostname: wsbox
idMappings:
gidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 65536
uidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 65536
kernel: 6.8.0-54-generic
linkmode: dynamic
logDriver: journald
memFree: 308348563456
memTotal: 1082046652416
networkBackend: netavark
networkBackendInfo:
backend: netavark
dns:
package: aardvark-dns_1.4.0-5_amd64
path: /usr/lib/podman/aardvark-dns
version: aardvark-dns 1.4.0
package: netavark_1.4.0-4_amd64
path: /usr/lib/podman/netavark
version: netavark 1.4.0
ociRuntime:
name: crun
package: crun_1.14.1-1_amd64
path: /usr/bin/crun
version: |-
crun version 1.14.1
commit: de537a7965bfbe9992e2cfae0baeb56a08128171
rundir: /run/user/1000/crun
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +WASM:wasmedge +YAJL
os: linux
pasta:
executable: /usr/bin/pasta
package: passt_0.0~git20240220.1e6f92b-1_amd64
version: |
pasta unknown version
Copyright Red Hat
GNU General Public License, version 2 or later
<https://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
remoteSocket:
exists: false
path: /run/user/1000/podman/podman.sock
security:
apparmorEnabled: false
capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
rootless: true
seccompEnabled: true
seccompProfilePath: /usr/share/containers/seccomp.json
selinuxEnabled: false
serviceIsRemote: false
slirp4netns:
executable: /usr/bin/slirp4netns
package: slirp4netns_1.2.1-1build2_amd64
version: |-
slirp4netns version 1.2.1
commit: 09e31e92fa3d2a1d3ca261adaeb012c8d75a8194
libslirp: 4.7.0
SLIRP_CONFIG_VERSION_MAX: 4
libseccomp: 2.5.5
swapFree: 209789087744
swapTotal: 240518139904
uptime: 4007h 13m 12.00s (Approximately 166.96 days)
variant: ""
plugins:
authorization: null
log:
- k8s-file
- none
- passthrough
- journald
network:
- bridge
- macvlan
- ipvlan
volume:
- local
registries:
docker.io:
Blocked: false
Insecure: false
Location: docker.io
MirrorByDigestOnly: false
Mirrors:
- Insecure: false
Location: dockerhub-cache.<our-domain>
PullFromMirror: ""
Prefix: docker.io
PullFromMirror: ""
search:
- registry.<our-domain>
store:
configFile: /home/fiesh/.config/containers/storage.conf
containerStore:
number: 435
paused: 0
running: 3
stopped: 432
graphDriverName: overlay
graphOptions: {}
graphRoot: /scratch/home/fiesh/containers
graphRootAllocated: 4398046511104
graphRootUsed: 422869336064
graphStatus:
Backing Filesystem: zfs
Native Overlay Diff: "true"
Supports d_type: "true"
Supports shifting: "false"
Supports volatile: "true"
Using metacopy: "false"
imageCopyTmpDir: /var/tmp
imageStore:
number: 256
runRoot: /run/user/1000/containers
transientStore: false
volumePath: /scratch/home/fiesh/containers/volumes
version:
APIVersion: 4.9.3
Built: 0
BuiltTime: Thu Jan 1 01:00:00 1970
GitCommit: ""
GoVersion: go1.22.2
Os: linux
OsArch: linux/amd64
Version: 4.9.3Podman in a container
No
Privileged Or Rootless
None
Upstream Latest Release
Yes
Additional environment details
No response
Additional information
No response