2019-04-18 14:55:44 |
Ko-Zu |
bug |
|
|
added bug |
2019-04-23 16:07:46 |
Dan Streetman |
bug |
|
|
added subscriber Dan Streetman |
2019-04-26 02:25:46 |
Ko-Zu |
tags |
disco systemd-networkd |
disco regression systemd-networkd |
|
2019-05-08 01:05:00 |
Launchpad Janitor |
systemd (Ubuntu): status |
New |
Confirmed |
|
2019-05-15 20:28:35 |
Dan Streetman |
nominated for series |
|
Ubuntu Eoan |
|
2019-05-15 20:28:35 |
Dan Streetman |
bug task added |
|
systemd (Ubuntu Eoan) |
|
2019-05-15 20:28:35 |
Dan Streetman |
nominated for series |
|
Ubuntu Disco |
|
2019-05-15 20:28:35 |
Dan Streetman |
bug task added |
|
systemd (Ubuntu Disco) |
|
2019-05-15 20:28:40 |
Dan Streetman |
systemd (Ubuntu Eoan): status |
Confirmed |
In Progress |
|
2019-05-15 20:28:42 |
Dan Streetman |
systemd (Ubuntu Disco): status |
New |
In Progress |
|
2019-05-15 20:28:44 |
Dan Streetman |
systemd (Ubuntu Eoan): importance |
Undecided |
Medium |
|
2019-05-15 20:28:45 |
Dan Streetman |
systemd (Ubuntu Disco): importance |
Undecided |
Medium |
|
2019-05-15 20:28:47 |
Dan Streetman |
systemd (Ubuntu Eoan): assignee |
|
Dan Streetman (ddstreet) |
|
2019-05-15 20:28:49 |
Dan Streetman |
systemd (Ubuntu Disco): assignee |
|
Dan Streetman (ddstreet) |
|
2019-05-15 20:46:09 |
Dan Streetman |
description |
systemd/disco 240 shipped with Ubuntu 19.04 beta does not set endpoints for [WireguradPeer] properly.
This regression was introduced in v241 and merged into v240.
systemd 241 doesn't set wireguard peer endpoint
https://github.com/systemd/systemd/issues/11579
Revert of the regression was landed on v240 stable branch
https://github.com/systemd/systemd-stable/pull/39
1)2) confirmed with,
systemd/disco 240-6ubuntu5 amd64
3)
put a netdev file /etc/systemd/network/wg0.netdev
---
[NetDev]
Name=wg0
Kind=wireguard
[WireGuard]
PrivateKey=**************
ListenPort=51820
[WireGuardPeer]
PublicKey=*************
AllowedIPs=10.0.0.0/8
Endpoint=192.168.1.1:51820
----
and run
---
# systemctl restart systemd-networkd
# wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
allowed ips: 10.0.0.0/8
----
4)
the last command should print remote endpoint address.
---
# wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
endpoint: 192.168.1.1:51820
allowed ips: 10.0.0.0/8
---- |
[impact]
systemd does not set endpoints for wireguard interfaces correctly. This makes wireguard unusable.
[test case]
install a disco or eoan system and set up a wireguard interface:
$ sudo add-apt-repository ppa:wireguard/wireguard
$ sudo apt install wireguard
...(this does a lot of stuff)...
set up a wireguard server on a separate (pre-disco) system
(I used instructions from https://www.linode.com/docs/networking/vpn/set-up-wireguard-vpn-on-ubuntu/#configure-wireguard-server)
create a file as below; the private key doesn't matter (can create one with 'wg genkey'), but the WireGuardPeer public key and ip addresses should match what the wireguard server set up above is using:
$ cat /etc/systemd/network/wg0.netdev
[NetDev]
Name=wg0
Kind=wireguard
[WireGuard]
PrivateKey=*************
ListenPort=51820
[WireGuardPeer]
PublicKey=*************
AllowedIPs=10.0.0.0/8
Endpoint=192.168.1.1:51820
$ sudo systemctl restart systemd-networkd
$ sudo wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
allowed ips: 10.0.0.0/8
the last command should print remote endpoint address, e.g.:
peer: *****************
endpoint: 192.168.1.1:51820
allowed ips: 10.0.0.0/8
[regression potential]
any changes to systemd contain the potential for serious regressions. However, this is cherry picked directly from upstream, with the releases requiring patching (disco and eoan) being at exactly the same version and very close to upstream already. Additionally, while this does add 2 new functions (from upstream commit https://github.com/systemd/systemd/pull/11580/commits/abd48ec87f2ac5dd571a99dcb4db88c4affdffc8), they are only used - and code is only changed in - wireguard.c, so any regressions should be limited to wireguard interfaces (unless systemd crashes completely).
[other info]
original description:
---
systemd/disco 240 shipped with Ubuntu 19.04 beta does not set endpoints for [WireguradPeer] properly.
This regression was introduced in v241 and merged into v240.
systemd 241 doesn't set wireguard peer endpoint
https://github.com/systemd/systemd/issues/11579
Revert of the regression was landed on v240 stable branch
https://github.com/systemd/systemd-stable/pull/39
1)2) confirmed with,
systemd/disco 240-6ubuntu5 amd64
3)
put a netdev file /etc/systemd/network/wg0.netdev
---
[NetDev]
Name=wg0
Kind=wireguard
[WireGuard]
PrivateKey=**************
ListenPort=51820
[WireGuardPeer]
PublicKey=*************
AllowedIPs=10.0.0.0/8
Endpoint=192.168.1.1:51820
----
and run
---
# systemctl restart systemd-networkd
# wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
allowed ips: 10.0.0.0/8
----
4)
the last command should print remote endpoint address.
---
# wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
endpoint: 192.168.1.1:51820
allowed ips: 10.0.0.0/8
---- |
|
2019-05-15 20:48:21 |
Dan Streetman |
description |
[impact]
systemd does not set endpoints for wireguard interfaces correctly. This makes wireguard unusable.
[test case]
install a disco or eoan system and set up a wireguard interface:
$ sudo add-apt-repository ppa:wireguard/wireguard
$ sudo apt install wireguard
...(this does a lot of stuff)...
set up a wireguard server on a separate (pre-disco) system
(I used instructions from https://www.linode.com/docs/networking/vpn/set-up-wireguard-vpn-on-ubuntu/#configure-wireguard-server)
create a file as below; the private key doesn't matter (can create one with 'wg genkey'), but the WireGuardPeer public key and ip addresses should match what the wireguard server set up above is using:
$ cat /etc/systemd/network/wg0.netdev
[NetDev]
Name=wg0
Kind=wireguard
[WireGuard]
PrivateKey=*************
ListenPort=51820
[WireGuardPeer]
PublicKey=*************
AllowedIPs=10.0.0.0/8
Endpoint=192.168.1.1:51820
$ sudo systemctl restart systemd-networkd
$ sudo wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
allowed ips: 10.0.0.0/8
the last command should print remote endpoint address, e.g.:
peer: *****************
endpoint: 192.168.1.1:51820
allowed ips: 10.0.0.0/8
[regression potential]
any changes to systemd contain the potential for serious regressions. However, this is cherry picked directly from upstream, with the releases requiring patching (disco and eoan) being at exactly the same version and very close to upstream already. Additionally, while this does add 2 new functions (from upstream commit https://github.com/systemd/systemd/pull/11580/commits/abd48ec87f2ac5dd571a99dcb4db88c4affdffc8), they are only used - and code is only changed in - wireguard.c, so any regressions should be limited to wireguard interfaces (unless systemd crashes completely).
[other info]
original description:
---
systemd/disco 240 shipped with Ubuntu 19.04 beta does not set endpoints for [WireguradPeer] properly.
This regression was introduced in v241 and merged into v240.
systemd 241 doesn't set wireguard peer endpoint
https://github.com/systemd/systemd/issues/11579
Revert of the regression was landed on v240 stable branch
https://github.com/systemd/systemd-stable/pull/39
1)2) confirmed with,
systemd/disco 240-6ubuntu5 amd64
3)
put a netdev file /etc/systemd/network/wg0.netdev
---
[NetDev]
Name=wg0
Kind=wireguard
[WireGuard]
PrivateKey=**************
ListenPort=51820
[WireGuardPeer]
PublicKey=*************
AllowedIPs=10.0.0.0/8
Endpoint=192.168.1.1:51820
----
and run
---
# systemctl restart systemd-networkd
# wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
allowed ips: 10.0.0.0/8
----
4)
the last command should print remote endpoint address.
---
# wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
endpoint: 192.168.1.1:51820
allowed ips: 10.0.0.0/8
---- |
[impact]
systemd does not set endpoints for wireguard interfaces correctly. This makes wireguard unusable.
[test case]
install a disco or eoan system and set up a wireguard interface:
$ sudo add-apt-repository ppa:wireguard/wireguard
$ sudo apt install wireguard
...(this does a lot of stuff)...
set up a wireguard server on a separate (pre-disco) system
(I used instructions from https://www.linode.com/docs/networking/vpn/set-up-wireguard-vpn-on-ubuntu/#configure-wireguard-server)
create a file as below; the private key doesn't matter (can create one with 'wg genkey'), but the WireGuardPeer public key and ip addresses should match what the wireguard server set up above is using:
$ cat /etc/systemd/network/wg0.netdev
[NetDev]
Name=wg0
Kind=wireguard
[WireGuard]
PrivateKey=*************
ListenPort=51820
[WireGuardPeer]
PublicKey=*************
AllowedIPs=10.0.0.0/8
Endpoint=192.168.1.1:51820
$ sudo systemctl restart systemd-networkd
$ sudo wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
allowed ips: 10.0.0.0/8
the last command should print remote endpoint address, e.g.:
peer: *****************
endpoint: 192.168.1.1:51820
allowed ips: 10.0.0.0/8
[regression potential]
any changes to systemd contain the potential for serious regressions. However, this is cherry picked directly from upstream, with the releases requiring patching (disco and eoan) being at exactly the same version and very close to upstream already. Additionally, while this does add 2 new functions (from upstream commit https://github.com/systemd/systemd/pull/11580/commits/abd48ec87f2ac5dd571a99dcb4db88c4affdffc8), they are only used - and code is only changed in - wireguard.c, so any regressions should be limited to wireguard interfaces (unless systemd crashes completely).
[other info]
this bug is not present in cosmic and earlier, and is already fixed in upstream systemd, so this is needed only for disco and eoan.
original description:
---
systemd/disco 240 shipped with Ubuntu 19.04 beta does not set endpoints for [WireguradPeer] properly.
This regression was introduced in v241 and merged into v240.
systemd 241 doesn't set wireguard peer endpoint
https://github.com/systemd/systemd/issues/11579
Revert of the regression was landed on v240 stable branch
https://github.com/systemd/systemd-stable/pull/39
1)2) confirmed with,
systemd/disco 240-6ubuntu5 amd64
3)
put a netdev file /etc/systemd/network/wg0.netdev
---
[NetDev]
Name=wg0
Kind=wireguard
[WireGuard]
PrivateKey=**************
ListenPort=51820
[WireGuardPeer]
PublicKey=*************
AllowedIPs=10.0.0.0/8
Endpoint=192.168.1.1:51820
----
and run
---
# systemctl restart systemd-networkd
# wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
allowed ips: 10.0.0.0/8
----
4)
the last command should print remote endpoint address.
---
# wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
endpoint: 192.168.1.1:51820
allowed ips: 10.0.0.0/8
---- |
|
2019-05-15 20:48:31 |
Dan Streetman |
tags |
disco regression systemd-networkd |
ddstreet-next disco regression systemd-networkd |
|
2019-05-16 08:31:49 |
Ko-Zu |
description |
[impact]
systemd does not set endpoints for wireguard interfaces correctly. This makes wireguard unusable.
[test case]
install a disco or eoan system and set up a wireguard interface:
$ sudo add-apt-repository ppa:wireguard/wireguard
$ sudo apt install wireguard
...(this does a lot of stuff)...
set up a wireguard server on a separate (pre-disco) system
(I used instructions from https://www.linode.com/docs/networking/vpn/set-up-wireguard-vpn-on-ubuntu/#configure-wireguard-server)
create a file as below; the private key doesn't matter (can create one with 'wg genkey'), but the WireGuardPeer public key and ip addresses should match what the wireguard server set up above is using:
$ cat /etc/systemd/network/wg0.netdev
[NetDev]
Name=wg0
Kind=wireguard
[WireGuard]
PrivateKey=*************
ListenPort=51820
[WireGuardPeer]
PublicKey=*************
AllowedIPs=10.0.0.0/8
Endpoint=192.168.1.1:51820
$ sudo systemctl restart systemd-networkd
$ sudo wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
allowed ips: 10.0.0.0/8
the last command should print remote endpoint address, e.g.:
peer: *****************
endpoint: 192.168.1.1:51820
allowed ips: 10.0.0.0/8
[regression potential]
any changes to systemd contain the potential for serious regressions. However, this is cherry picked directly from upstream, with the releases requiring patching (disco and eoan) being at exactly the same version and very close to upstream already. Additionally, while this does add 2 new functions (from upstream commit https://github.com/systemd/systemd/pull/11580/commits/abd48ec87f2ac5dd571a99dcb4db88c4affdffc8), they are only used - and code is only changed in - wireguard.c, so any regressions should be limited to wireguard interfaces (unless systemd crashes completely).
[other info]
this bug is not present in cosmic and earlier, and is already fixed in upstream systemd, so this is needed only for disco and eoan.
original description:
---
systemd/disco 240 shipped with Ubuntu 19.04 beta does not set endpoints for [WireguradPeer] properly.
This regression was introduced in v241 and merged into v240.
systemd 241 doesn't set wireguard peer endpoint
https://github.com/systemd/systemd/issues/11579
Revert of the regression was landed on v240 stable branch
https://github.com/systemd/systemd-stable/pull/39
1)2) confirmed with,
systemd/disco 240-6ubuntu5 amd64
3)
put a netdev file /etc/systemd/network/wg0.netdev
---
[NetDev]
Name=wg0
Kind=wireguard
[WireGuard]
PrivateKey=**************
ListenPort=51820
[WireGuardPeer]
PublicKey=*************
AllowedIPs=10.0.0.0/8
Endpoint=192.168.1.1:51820
----
and run
---
# systemctl restart systemd-networkd
# wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
allowed ips: 10.0.0.0/8
----
4)
the last command should print remote endpoint address.
---
# wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
endpoint: 192.168.1.1:51820
allowed ips: 10.0.0.0/8
---- |
[impact]
systemd does not set endpoints for wireguard interfaces correctly. This makes wireguard unusable.
[test case]
install a disco or eoan system and set up a wireguard interface:
$ sudo add-apt-repository ppa:wireguard/wireguard
$ sudo apt install wireguard
...(this does a lot of stuff)...
create a file as below; There is no need to setup remote server to reproduce this issue, but PublicKey/PrivateKey should be valid one (used instructions from https://www.linode.com/docs/networking/vpn/set-up-wireguard-vpn-on-ubuntu/#configure-wireguard-server):
$ cat /etc/systemd/network/wg0.netdev
[NetDev]
Name=wg0
Kind=wireguard
[WireGuard]
PrivateKey=uMuCbguKYdKanRYMbDSriIdgxGxJR57Us1zEy8wRc1M=
ListenPort=51820
[WireGuardPeer]
PublicKey=ZRyl+kvb6o2/6Da5YLum6GnSrzDj3J002+2kmK5CnS4=
AllowedIPs=10.0.0.0/8
Endpoint=192.168.1.1:51820
$ sudo systemctl restart systemd-networkd
$ sudo wg show wg0
interface: wg0
public key: BnvFgvPiVb5xURfzZ5liV1P77qeGeJDIX3C1iNquA2k=
private key: (hidden)
listening port: 51820
peer: ZRyl+kvb6o2/6Da5YLum6GnSrzDj3J002+2kmK5CnS4=
allowed ips: 10.0.0.0/8
the last command should print remote endpoint address, e.g.:
peer: ZRyl+kvb6o2/6Da5YLum6GnSrzDj3J002+2kmK5CnS4=
endpoint: 192.168.1.1:51820
allowed ips: 10.0.0.0/8
[regression potential]
any changes to systemd contain the potential for serious regressions. However, this is cherry picked directly from upstream, with the releases requiring patching (disco and eoan) being at exactly the same version and very close to upstream already. Additionally, while this does add 2 new functions (from upstream commit https://github.com/systemd/systemd/pull/11580/commits/abd48ec87f2ac5dd571a99dcb4db88c4affdffc8), they are only used - and code is only changed in - wireguard.c, so any regressions should be limited to wireguard interfaces (unless systemd crashes completely).
[other info]
this bug is not present in cosmic and earlier, and is already fixed in upstream systemd, so this is needed only for disco and eoan.
original description:
---
systemd/disco 240 shipped with Ubuntu 19.04 beta does not set endpoints for [WireguradPeer] properly.
This regression was introduced in v241 and merged into v240.
systemd 241 doesn't set wireguard peer endpoint
https://github.com/systemd/systemd/issues/11579
Revert of the regression was landed on v240 stable branch
https://github.com/systemd/systemd-stable/pull/39
1)2) confirmed with,
systemd/disco 240-6ubuntu5 amd64
3)
put a netdev file /etc/systemd/network/wg0.netdev
---
[NetDev]
Name=wg0
Kind=wireguard
[WireGuard]
PrivateKey=**************
ListenPort=51820
[WireGuardPeer]
PublicKey=*************
AllowedIPs=10.0.0.0/8
Endpoint=192.168.1.1:51820
----
and run
---
# systemctl restart systemd-networkd
# wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
allowed ips: 10.0.0.0/8
----
4)
the last command should print remote endpoint address.
---
# wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
endpoint: 192.168.1.1:51820
allowed ips: 10.0.0.0/8
---- |
|
2019-05-17 20:21:45 |
Dan Streetman |
nominated for series |
|
Ubuntu Cosmic |
|
2019-05-17 20:21:45 |
Dan Streetman |
bug task added |
|
systemd (Ubuntu Cosmic) |
|
2019-05-17 20:21:50 |
Dan Streetman |
systemd (Ubuntu Cosmic): status |
New |
Invalid |
|
2019-05-21 01:31:33 |
Lorenz Brun |
bug |
|
|
added subscriber Lorenz Brun |
2019-05-29 07:05:38 |
Ryan Carter |
bug |
|
|
added subscriber Ryan Carter |
2019-05-29 16:29:30 |
Dan Streetman |
attachment added |
|
lp1825378-eoan.debdiff https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1825378/+attachment/5267419/+files/lp1825378-eoan.debdiff |
|
2019-05-29 18:08:27 |
Dimitri John Ledkov |
systemd (Ubuntu Eoan): status |
In Progress |
Fix Committed |
|
2019-05-29 20:21:43 |
Ubuntu Foundations Team Bug Bot |
tags |
ddstreet-next disco regression systemd-networkd |
ddstreet-next disco patch regression systemd-networkd |
|
2019-05-30 12:29:36 |
Dan Streetman |
tags |
ddstreet-next disco patch regression systemd-networkd |
disco patch regression systemd-networkd |
|
2019-05-31 12:50:29 |
jrb0001 |
bug |
|
|
added subscriber jrb0001 |
2019-05-31 13:33:03 |
Timo Aaltonen |
systemd (Ubuntu Disco): status |
In Progress |
Fix Committed |
|
2019-05-31 13:33:05 |
Timo Aaltonen |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2019-05-31 13:33:07 |
Timo Aaltonen |
bug |
|
|
added subscriber SRU Verification |
2019-05-31 13:33:13 |
Timo Aaltonen |
tags |
disco patch regression systemd-networkd |
disco patch regression systemd-networkd verification-needed verification-needed-disco |
|
2019-05-31 15:36:11 |
Ko-Zu |
tags |
disco patch regression systemd-networkd verification-needed verification-needed-disco |
disco patch regression systemd-networkd verification-done-disco verification-needed |
|
2019-05-31 18:52:45 |
Dan Streetman |
tags |
disco patch regression systemd-networkd verification-done-disco verification-needed |
disco patch regression systemd-networkd verification-done verification-done-disco |
|
2019-06-05 01:33:15 |
Launchpad Janitor |
systemd (Ubuntu Eoan): status |
Fix Committed |
Fix Released |
|
2019-06-10 14:21:27 |
Launchpad Janitor |
systemd (Ubuntu Disco): status |
Fix Committed |
Fix Released |
|
2019-06-10 14:21:39 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|