Podman containers fail after system upgrade - missing nftables

theben_m · Yesterday 12:42:36

I am not completely sure where to put this - i think this might be a dependency issue of one of the podman packages.

Todays pcaman -Syu broke some/all of my podman containers. Containers failed with the following message:

Jan 12 12:23:05 <host> <container>: Error: netavark: nftables error: unable to execute "nft": No such file or directory (os error 2)

I was able to solve this by manually installing nftables package.

My setup uses rootful podman containers operated by systemd (Podman Quadlet).

Edit: Last pcaman -Syu might have been some while ago - Dec 04 14:54:58

Last edited by theben_m (Yesterday 12:48:21)

WorMzy · Yesterday 15:35:47

https://gitlab.archlinux.org/archlinux/ … 69023e6dd9
https://github.com/containers/netavark/ … 45003975c7

TL;DR support for iptables (the previous default) has been dropped by netavark, so the new default is nftables.

Side note: you may want to switch to using crun instead of runc -- the former depends on nftables via criu, but the latter only optdepends on criu.

I'm not sure if the lack of explicit dependency on nftables is a bug in runc, since netavark isn't technically the default network backend. It may be worth opening a ticket on the gitlab to raise it with the maintainer.

theben_m · Yesterday 22:43:41

It seems this happens when podman was installed prior to the change of the default from runc to crun. The podman package itself depends on oci-runtime (crun, runc, krun). So pacman never sees any issue.

I am a bit lost on who to raise this with - do you suggest the runc maintaier on the archlinux gitlab (https://gitlab.archlinux.org/archlinux/ … kages/runc)?

Arch Linux

#1 Yesterday 12:42:36

Podman containers fail after system upgrade - missing nftables

#2 Yesterday 15:35:47

Re: Podman containers fail after system upgrade - missing nftables

#3 Yesterday 22:43:41

Re: Podman containers fail after system upgrade - missing nftables

Board footer