`podman build` injects empty `/etc/resolv.conf` into generated layers

[cgwalters]

Description

$ rpm -q podman
podman-4.2.0-2.fc36.x86_64
$ cat Dockerfile
FROM quay.io/fedora/fedora:36
RUN touch /etc/blah
$ podman build -t localhost/test .
$ skopeo copy containers-storage:localhost/test oci:test:latest
$ tar tvf test/blobs/sha256/e2deb0a4365096c1259670b1b825a6574a0db6c6aaab74fdb37c6561d48dd886 
drwxr-xr-x root/root         0 2022-09-13 19:22 etc/
-rw-r--r-- root/root         0 2022-09-13 19:22 etc/blah
-rwx------ root/root         0 2022-09-13 19:22 etc/resolv.conf

Describe the results you received:

Empty /etc/resolv.conf

Describe the results you expected:

No such file. For work on https://fedoraproject.org/wiki/Changes/OstreeNativeContainer we want to have clean content. This issue is very similar to https://github.com/containers/buildah/issues/3523

Output of podman version if reporting a podman build issue:

Client:       Podman Engine
Version:      4.2.0
API Version:  4.2.0
Go Version:   go1.18.4
Built:        Thu Aug 11 14:42:17 2022
OS/Arch:      linux/amd64

Output of cat /etc/*release:

NAME="Fedora Linux"
VERSION="36.20220909.dev.1 (CoreOS)"

[cgwalters]

(Just like https://github.com/containers/buildah/issues/3523 - docker build doesn't reproduce this problem)

[cgwalters]

Ah sorry now that I dig a bit this was discussed in https://github.com/containers/buildah/pull/3525 but not resolved there.

I do think we should also fix /etc here.

[rhatdan]

One issue with removing the inode is it prevents the use of readonly containers. I think Docker has two overlays mounted. The intermediate overlay is for changes it makes.

[github-actions[bot]]

A friendly reminder that this issue had no activity for 30 days.