Aardvark doesn't get started in rootless mode on a system with system-wide but not per-user systemd #1047

Open
Orochimarufan opened this issue Aug 4, 2024 · 1 comment

@Orochimarufan

Netavark assumes it can systemd-run --user aardvark after only checking for system-wide systemd (/var/run/systemd). This may not always be the case (e.g. disabled pam_systemd for some reason).

I realize that these are weird circumstances and they also cause issues wrt control groups, but podman appears to work perfectly fine otherwise.

I have a local patch that skips systemd-run and everything works as expected. I'm not sure what the official solution to this should be, but currently it silently breaks all dns resolution in the container. At least there should be a diagnostic (there probably should be whenever aardvark fails to get started for any reason). Perhaps there's a solution to be found in checking for the user instance after (and only if) the opportunistic systemd-run attempt has failed, so as to not slow down the (overwhelmingly) common case. Unfortunately, the check seems to be a lot less trivial than checking whether or not a constant path exists.

@Luap99
Member

Luap99 commented Aug 5, 2024

// TODO: This could be replaced by systemd-api.

We should query the systemd user session in netavark to check if it is working; contributions welcome.

Also, with netavark 1.12 it will now return a proper error to the user and fail to start the container, I think.
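
The ordering proposed in the issue (attempt `systemd-run --user` first, probe for a per-user systemd instance only after that attempt fails, and always emit a diagnostic) is shown below as an added example; it is not netavark's code. The socket location `$XDG_RUNTIME_DIR/systemd/private` is an assumption about where the user manager listens, and `Outcome`, `decide`, `user_manager_socket` and `user_systemd_reachable` are hypothetical names.

```rust
use std::os::unix::net::UnixStream;
use std::path::{Path, PathBuf};

/// What a rootless caller should do after trying `systemd-run --user` (hypothetical type).
#[derive(Debug, PartialEq)]
pub enum Outcome {
    /// The opportunistic attempt worked; nothing else to check.
    Started,
    /// No per-user systemd instance: spawn the helper directly and log the reason.
    FallBackDirect { reason: String },
    /// A user instance is reachable, so the failure is real and must be reported.
    Error { reason: String },
}

/// Assumed location of the per-user manager's private socket.
pub fn user_manager_socket(runtime_dir: &Path) -> PathBuf {
    runtime_dir.join("systemd").join("private")
}

/// True only if something is listening on the socket. A stale socket file
/// left behind by a dead manager fails the connect, unlike a path-exists check.
pub fn user_systemd_reachable(runtime_dir: &Path) -> bool {
    UnixStream::connect(user_manager_socket(runtime_dir)).is_ok()
}

/// The probe runs only on the failure path, so the common case pays nothing.
pub fn decide(first_attempt_ok: bool, runtime_dir: Option<&Path>) -> Outcome {
    if first_attempt_ok {
        return Outcome::Started;
    }
    match runtime_dir {
        None => Outcome::FallBackDirect {
            reason: "XDG_RUNTIME_DIR is not set; no user systemd instance".into(),
        },
        Some(dir) if !user_systemd_reachable(dir) => Outcome::FallBackDirect {
            reason: format!("no listener on {}", user_manager_socket(dir).display()),
        },
        Some(_) => Outcome::Error {
            reason: "systemd-run --user failed although a user instance is reachable".into(),
        },
    }
}

fn main() {
    // Report what would happen on this host if the first attempt had failed.
    let dir = std::env::var_os("XDG_RUNTIME_DIR").map(PathBuf::from);
    println!("{:?}", decide(false, dir.as_deref()));
}
```
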
