[3049089299] Upstream Reporter: Justin Grote
Upstream issue status: Open
Upstream description:

Issue Description

Context: https://github.com/microsoft/vscode-remote-release/issues/10927

When opening a vscode devcontainer using the WSL podman-machine-default image, the nested prompting that it performs causes the userEnvProbe probe to fail. The image should either:

1. Remove this nested namespace
2. Detect in the /etc/profile startup if a devcontainer is being started and skip the nesting portion.

Steps to reproduce the issue

Steps to reproduce the issue

1. Default Podman Install On Windows
2. Check out a devcontainer repository (ex. github.com/JustinGrote/ExcelFast)
3. Choose "Reopen in Devcontainer" locally
4. Note error in the devcontainer startup logs (does not prevent container from starting but introduces significant delay

Describe the results you received

[2255 ms] Start: Run in Host: /bin/sh 
[2259 ms] Start: Run in container: for pid in `cd /proc && ls -d [0-9]*`; do { echo $pid ; readlink /proc/$pid/cwd || echo ; readlink /proc/$pid/ns/mnt || echo ; cat /proc/$pid/stat | tr "
[2468 ms] userEnvProbe is taking longer than 2 seconds. Process tree:
  53231: /bin/bash -lic echo -n 2598e640-8381-4856-bb3e-f1b5e4e508f3; cat /proc/self/environ; echo -n 2598e640-8381-4856-bb3e-f1b5e4e508f3 
    53247: /bin/bash /usr/local/bin/enterns 
      53252: sudo nsenter -m -p -t 19 --wd=/home/user su -l user 
        53254: sudo nsenter -m -p -t 19 --wd=/home/user su -l user 
          53255: nsenter -m -p -t 19 --wd=/home/user su -l user 
            53256: su -l user 
              53257: -bash 
[10264 ms] userEnvProbe is taking longer than 10 seconds. Avoid waiting for user input in your shell's startup scripts. Continuing.

Describe the results you expected

Container starts with no issues

podman info output

Client:   APIVersion: 5.4.2
  Built: 1743611594
  BuiltTime: Wed Apr  2 09:33:14 2025
  GitCommit: be85287fcf4590961614ee37be65eeb315e5d9ff
  GoVersion: go1.24.2
  Os: windows
  OsArch: windows/amd64
  Version: 5.4.2
host:   arch: amd64
  buildahVersion: 1.39.4
  cgroupControllers:   - cpuset
  - cpu
  - cpuacct
  - blkio
  - memory
  - devices
  - freezer
  - net_cls
  - perf_event
  - net_prio
  - hugetlb
  - pids
  - rdma
  - misc
  cgroupManager: cgroupfs
  cgroupVersion: v1
  conmon:     package: conmon-2.1.13-1.fc41.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.13, commit: '
  cpuUtilization:     idlePercent: 99.69
    systemPercent: 0.17
    userPercent: 0.13
  cpus: 6
  databaseBackend: sqlite
  distribution:     distribution: fedora
    variant: container
    version: "41"
  eventLogger: journald
  freeLocks: 2044
  hostname: Tinygod
  idMappings:     gidmap: null
    uidmap: null
  kernel: 5.15.167.4-microsoft-standard-WSL2
  linkmode: dynamic
  logDriver: journald
  memFree: 5342990336
  memTotal: 8133218304
  networkBackend: netavark
  networkBackendInfo:     backend: netavark
    dns:       package: aardvark-dns-1.14.0-1.fc41.x86_64
      path: /usr/libexec/podman/aardvark-dns
      version: aardvark-dns 1.14.0
    package: netavark-1.14.1-1.fc41.x86_64
    path: /usr/libexec/podman/netavark
    version: netavark 1.14.1
  ociRuntime:     name: crun
    package: crun-1.21-1.fc41.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 1.21
      commit: 10269840aa07fb7e6b7e1acff6198692d8ff5c88
      rundir: /run/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL
  os: linux
  pasta:     executable: /usr/bin/pasta
    package: passt-0^20250415.g2340bbf-1.fc41.x86_64
    version: ""
  remoteSocket:     exists: true
    path: unix:///run/podman/podman.sock
  rootlessNetworkCmd: pasta
  security:     apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: false
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: true
  slirp4netns:     executable: ""
    package: ""
    version: ""
  swapFree: 2147483648
  swapTotal: 2147483648
  uptime: 4h 16m 21.00s (Approximately 0.17 days)
  variant: ""
plugins:   authorization: null
  log:   - k8s-file
  - none
  - passthrough
  - journald
  network:   - bridge
  - macvlan
  - ipvlan
  volume:   - local
registries:   search:   - docker.io
store:   configFile: /usr/share/containers/storage.conf
  containerStore:     number: 3
    paused: 0
    running: 1
    stopped: 2
  graphDriverName: overlay
  graphOptions:     overlay.additionalImageStores:     - /usr/lib/containers/storage
    overlay.imagestore: /usr/lib/containers/storage
    overlay.mountopt: nodev,metacopy=on
  graphRoot: /var/lib/containers/storage
  graphRootAllocated: 1081101176832
  graphRootUsed: 12537241600
  graphStatus:     Backing Filesystem: extfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Supports shifting: "false"
    Supports volatile: "true"
    Using metacopy: "true"
  imageCopyTmpDir: /var/tmp
  imageStore:     number: 4
  runRoot: /run/containers/storage
  transientStore: false
  volumePath: /var/lib/containers/storage/volumes
version:   APIVersion: 5.4.2
  BuildOrigin: Fedora Project
  Built: 1743552000
  BuiltTime: Tue Apr  1 17:00:00 2025
  GitCommit: be85287fcf4590961614ee37be65eeb315e5d9ff
  GoVersion: go1.23.7
  Os: linux
  OsArch: linux/amd64
  Version: 5.4.2

Podman in a container

No

Privileged Or Rootless

None

Upstream Latest Release

Yes

Additional environment details

Additional environment details

Additional information

Workaround: Delete /etc/profile from the WSL image since I never log into it interactively anyways.