Support forwarding of '/var/run/docker.sock' on macOS

Cyberax · Cyberax · commit ed3f569d9efe · 2025-12-23T16:07:24.000-08:00
Podman Desktop doesn't support forwarding of sockets on macOS, but with
this hack we can work around it. This also brings podman-compose to
parity with the regular command line.

Signed-off-by: Aleksei Besogonov &lt;b@alex.net&gt;
diff --git a/newsfragments/macos_docker_socket.feature b/newsfragments/macos_docker_socket.feature
@@ -0,0 +1 @@
+Added support for `/var/run/docker.sock` forwarding on macOS in Podman Desktop.
diff --git a/podman_compose.py b/podman_compose.py
@@ -404,18 +404,28 @@ async def assert_volume(compose: PodmanCompose, mount_dict: dict[str, Any]) -> N
     if mount_dict["type"] == "bind":
         basedir = os.path.realpath(compose.dirname)
         mount_src = mount_dict["source"]
-        mount_src = os.path.realpath(os.path.join(basedir, os.path.expanduser(mount_src)))
-        if not os.path.exists(mount_src):
-            bind_opts = mount_dict.get("bind", {})
-            if "create_host_path" in bind_opts and not bind_opts["create_host_path"]:
-                raise ValueError(
-                    "invalid mount config for type 'bind': bind source path does not exist: "
-                    f"{mount_src}"
-                )
-            try:
-                os.makedirs(mount_src, exist_ok=True)
-            except OSError:
-                pass
+        is_darwin = os.uname().sysname == "Darwin"
+        if is_darwin and os.path.isabs(mount_src) and mount_src.endswith(".sock"):
+            # This is a hack to allow forwarding of "/var/run/docker.sock" on macOS using
+            # the Podman Desktop. This file normally resolves to something like
+            # "/private/var/folders/ph/3afd..../T/podman/podman-machine-default-api.sock".
+            # Podman Desktop doesn't support socket forwarding, but if we leave the path
+            # as unresolved, it will use the "/var/run/docker.sock" file from inside the
+            # Linux virtual machine.
+            mount_src = os.path.normpath(mount_src)
+        else:
+            mount_src = os.path.realpath(os.path.join(basedir, os.path.expanduser(mount_src)))
+            if not os.path.exists(mount_src):
+                bind_opts = mount_dict.get("bind", {})
+                if "create_host_path" in bind_opts and not bind_opts["create_host_path"]:
+                    raise ValueError(
+                        "invalid mount config for type 'bind': bind source path does not exist: "
+                        f"{mount_src}"
+                    )
+                try:
+                    os.makedirs(mount_src, exist_ok=True)
+                except OSError:
+                    pass
         mount_dict["source"] = mount_src
         return
     if mount_dict["type"] != "volume" or not vol or not vol.get("name"):
diff --git a/tests/integration/macos_docker_socket/__init__.py b/tests/integration/macos_docker_socket/__init__.py
@@ -0,0 +1 @@
+
diff --git a/tests/integration/macos_docker_socket/docker-compose.yaml b/tests/integration/macos_docker_socket/docker-compose.yaml
@@ -0,0 +1,14 @@
+version: '3'
+
+# The Podman socket is forwarded into the container's context
+services:
+  test-docker-in-docker:
+    build:
+      dockerfile_inline: |
+        FROM nopush/podman-compose-test
+        RUN apt install -y curl
+    security_opt:
+      - label=disable
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    command: ["curl", "-s", "--unix-socket", "/var/run/docker.sock", "http://v1.41/info"]
diff --git a/tests/integration/macos_docker_socket/test_macos_docker_socket.py b/tests/integration/macos_docker_socket/test_macos_docker_socket.py
@@ -0,0 +1,36 @@
+# SPDX-License-Identifier: GPL-2.0
+import os
+import unittest
+
+from tests.integration.test_utils import RunSubprocessMixin
+from tests.integration.test_utils import podman_compose_path
+from tests.integration.test_utils import test_path
+
+
+def compose_yaml_path() -> str:
+    return os.path.join(os.path.join(test_path(), "macos_docker_socket"), "docker-compose.yaml")
+
+
+class TestMacosDockerSocket(unittest.TestCase, RunSubprocessMixin):
+    def test_macos_docker_socket(self) -> None:
+        if os.uname().sysname != "Darwin":
+            self.skipTest("Test only runs on macOS")
+        if not os.path.exists("/var/run/docker.sock"):
+            self.skipTest("Docker compatibility is not turned on")
+
+        try:
+            self.run_subprocess_assert_returncode([
+                podman_compose_path(),
+                "-f",
+                compose_yaml_path(),
+                "run",
+                "--build",
+                "test-docker-in-docker",
+            ])
+        finally:
+            self.run_subprocess_assert_returncode([
+                podman_compose_path(),
+                "-f",
+                compose_yaml_path(),
+                "down",
+            ])

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	+Added support for `/var/run/docker.sock` forwarding on macOS in Podman Desktop.