fix: Podman driver container creation fails on macOS with podman machine (host-gateway unsupported)

[jhjaggars]

Investigated the Podman compute driver's container creation path on macOS with podman machine (Apple HV / gvproxy).
Root cause found in crates/openshell-driver-podman/src/container.rs:
The container spec unconditionally injects hostadd entries using Podman's host-gateway magic word:

hostadd: vec![
    "host.containers.internal:host-gateway".into(),
    "host.openshell.internal:host-gateway".into(),
],

On macOS, podman machine runs the Podman API inside a Linux VM. The host-gateway keyword fails because the VM cannot resolve the macOS host's IP — Podman returns:

Error: preparing container for attach: unable to replace "host-gateway"
of host entry "host.containers.internal:host-gateway":
host containers internal IP address is empty

This prevents any sandbox container from being created via the Podman driver on macOS.
Additional finding: check_subuid_range() in driver.rs reads /etc/subuid which doesn't exist on macOS, generating a confusing warning at startup. The check is meaningless on macOS since podman machine runs as root inside the Linux VM.
Verified: DNS resolution via aardvark-dns works — host.containers.internal resolves to 192.168.127.254 (gvproxy's standard GatewayVirtualIp) on the bridge network. The macOS host is reachable at that IP from inside containers.
Related: #1519 reports the same networking problem through the Docker driver path (Podman with libkrun detected as Docker). This issue covers the native Podman driver path.
Actual behavior: openshell sandbox create fails immediately on macOS with the Podman driver. The Podman API rejects the container spec because host-gateway cannot resolve inside podman machine.
Expected behavior: The Podman driver should detect macOS and inject the macOS host's IP explicitly instead of relying on host-gateway.
Add a host_gateway_ip config field to PodmanComputeConfig (mirroring the Docker driver's existing host_gateway_ip pattern). When set, the container spec uses the explicit IP instead of host-gateway:

hostadd: match &config.host_gateway_ip {
    Some(ip) => vec![
        format!("host.containers.internal:{ip}"),
        format!("host.openshell.internal:{ip}"),
    ],
    None => vec![
        "host.containers.internal:host-gateway".into(),
        "host.openshell.internal:host-gateway".into(),
    ],
},

On macOS, host_gateway_ip defaults to 192.168.127.254 — gvproxy's standard GatewayVirtualIp constant from containers/gvisor-tap-vsock. Overridable via OPENSHELL_PODMAN_HOST_GATEWAY_IP for non-standard network configurations. On Linux, the field is None and existing host-gateway behavior is unchanged.
Also gates check_subuid_range() behind !cfg!(target_os = "macos") to suppress the irrelevant warning.
Tested end-to-end on macOS (Apple Silicon) with podman machine:

• Gateway starts, connects to Podman, auto-detects gRPC endpoint
• Sandbox container created and started — no host-gateway error
• /etc/hosts inside container shows 192.168.127.254 for both host aliases
• Supervisor authenticates via gateway-minted JWT and connects back successfully
• Sandbox reaches healthy state

1. macOS with podman machine running (Apple HV or QEMU)
2. Build and start the gateway with OPENSHELL_DRIVERS=podman
3. openshell sandbox create --name test
4. Container creation fails with host containers internal IP address is empty

• OS: macOS (Darwin 25.5.0, arm64)
• Podman Client: 5.8.1 (darwin/arm64)
• Podman Server: 5.5.2 (linux/arm64, inside podman machine)
• podman machine: Apple HV, Fedora CoreOS 41
• OpenShell: dev branch

[maxamillion]

cc @cgwalters I don't have a Mac so I can't test this, but if you have a chance and can take a look that would be greatly appreciated!

[TaylorMutch]

📋 triage-agent

Triage Assessment

Classification: duplicate

Summary

This is a credible bug report, but it is already covered by #1307. Both reports target the native Podman driver on macOS where sandbox creation fails because Podman rejects host-gateway host entries inside podman machine with host containers internal IP address is empty.

Investigation

The current Podman container spec unconditionally injects host.containers.internal:host-gateway and host.openshell.internal:host-gateway in crates/openshell-driver-podman/src/container.rs:540. PodmanComputeConfig does not currently expose the Docker driver style host_gateway_ip override, while the Docker driver has that config surface in crates/openshell-driver-docker/src/lib.rs:168 and parses it at crates/openshell-driver-docker/src/lib.rs:1853.

The additional check_subuid_range() finding also matches the code path: non-root Podman startup calls the subuid/subgid preflight in crates/openshell-driver-podman/src/driver.rs:198, and that helper reads /etc/subuid and /etc/subgid in crates/openshell-driver-podman/src/driver.rs:637, which is not useful for macOS podman machine.

#1307 already tracks the same native Podman-driver host-gateway failure on macOS with the same error text and the same gvproxy-IP fix direction. #1519 is related but separate because it covers the Docker-compatible driver path.

Recommendation

Closing this as a duplicate of #1307. The explicit gvproxy-IP/host_gateway_ip fix direction and the macOS subuid-warning cleanup should be carried into the existing issue or its PR. Triage has not applied state:agent-ready; that remains a human gate.

[TaylorMutch]

To clarify on top of the agent description, this is still a good bug to address. Just carrying back the context to the first bug report, and will look into addressing it. Thank you for the report!