macOS Podman Fails Due to Connection Reset due to Running Cargo on Mounted Volume

[Alexhuszagh]

Checklist

• I've looked through the issues and pull requests for similar reports

Describe your issue

Any attempt to use podman on macOS fails, while Docker works, even if SELinux labels are removed (#756 and containers/podman#13631) due to the connection being reset when a binary is run that is mounted on the host. This is an issue because we mount the Rust toolchain from the host into the container, and then run the mounted toolchain, meaning any build will fail. The upstream issues are containers/podman#14492 and containers/podman#14142.

What target(s) are you cross-compiling for?

any target

Which operating system is the host (e.g computer cross is on) running?

• macOS
• Windows
• Linux / BSD
• other OS (specify in description)

What architecture is the host?

• x86_64 / AMD64
• arm32
• arm64 (including Mac M1)

What container engine is cross using?

• docker
• podman
• other container engine (specify in description)

cross version

any, unrelated to cross directly

Example

A simple example that causes failure on any macOS system is:

mkdir tmp
podman run -it --rm \
    -v "$PWD/tmp":/opt/tmp \
    ubuntu:20.04 \
    bash -c "cp /usr/bin/dpkg /opt/tmp && /opt/tmp/dpkg --version"

Running the same code, except using docker as the container engine works.

Additional information / notes

We might want to warn users that podman on macOS is currently unsupported on the Wiki?

[otavio]

Couldn't we warn user when the tool runs as well? We could check if it is running on macOS and if the engine is podman, error out.

[Alexhuszagh]

Couldn't we warn user when the tool runs as well? We could check if it is running on macOS and if the engine is podman, error out.

I think a warning is good, I'm worried if the upstream issue is patched we might error out even though it works, especially if we have a release and the patch in podman is submitted before our next release.

[Alexhuszagh]

This actually works when using cross remote, and does not reset when using the mounted data volumes. It seems only bind mounts are affected.

[rnhurt]

I'm having this same problem while trying to cross compile a simple program for AWS Graviton from my MBP M1 machine.

CROSS_CONTAINER_ENGINE=podman cross build --target aarch64-unknown-linux-gnu

I'm very new to the Rust echosystem so I'm not really sure what I'm doing. Is this something I can correct with a configuration or something? @Alexhuszagh mentioned using cross remote, but I'm not quite sure what that is or if would help me.

[Alexhuszagh]

I'm having this same problem while trying to cross compile a simple program for AWS Graviton from my MBP M1 machine.

CROSS_CONTAINER_ENGINE=podman cross build --target aarch64-unknown-linux-gnu

I'm very new to the Rust echosystem so I'm not really sure what I'm doing. Is this something I can correct with a configuration or something? @Alexhuszagh mentioned using cross remote, but I'm not quite sure what that is or if would help me.

The better solution would be to use Docker, but you can use cross remote (this requires copying data to and from a data volume, so it's a bit slower than normal). If you use a persistent data volume and the remote server is on the same machine as the client, then the performance impact won't be too bad. See the remote section on our wiki.

EDIT: If you're using the local host, you can omit DOCKER_HOST when using Docker, but you may need to configure the remote host with podman for podman-remote (just set to the local machine). Let me know if this isn't clear, so we can update the documentation.