Ubuntu
systemd package

  1. Bug #1877159
  2. Comment #3

Comment 3 for bug 1877159

Revision history for this message
Simon Déziel (sdeziel) wrote :

Steps to reproduce:

lxc launch images:ubuntu/bionic --vm -c security.secureboot=false foo
sleep 10 # allow booting
lxc exec foo -- apt install -y software-properties-common
lxc exec foo -- add-apt-repository -y ppa:wireguard/wireguard
lxc exec foo -- apt install -y wireguard-tools

cat << EOF | lxc exec foo -- tee /etc/systemd/network/wg0.netdev
# foo
[NetDev]
Name=wg0
Kind=wireguard

[WireGuard]
ListenPort=5555
PrivateKey=cBkljQSKhtEe/U8GZmCAk2MBbKWL4TLC9PVtbMFyCVQ=

[WireGuardPeer]
PublicKey=emfIuZ3hZ+AnWIrKex/EqCp2mfzip8AxJu6RuweyRGc=
AllowedIPs=192.168.255.2
Endpoint=bar.lxd:5555
EOF

cat << EOF | lxc exec foo -- tee /etc/systemd/network/wg0.network
# foo
[Match]
Name=wg0

[Network]
Address=192.168.255.1/24
EOF

lxc exec foo -- systemctl restart systemd-networkd

lxc launch images:ubuntu/bionic --vm -c security.secureboot=false bar
sleep 10 # allow booting
lxc exec bar -- apt install -y software-properties-common
lxc exec bar -- add-apt-repository -y ppa:wireguard/wireguard
lxc exec bar -- apt install -y wireguard-tools

cat << EOF | lxc exec bar -- tee /etc/systemd/network/wg0.netdev
# bar
[NetDev]
Name=wg0
Kind=wireguard

[WireGuard]
ListenPort=5555
PrivateKey=AHNwUJjVO939UYnp+SjrxYDa1ZlU1uIToCF9CHUitXE=

[WireGuardPeer]
PublicKey=7TJBZdnkY8zMRVPACZSxT6xL2pAi7/IL4R1DGeThEhY=
AllowedIPs=192.168.255.1
Endpoint=foo.lxd:5555
EOF

cat << EOF | lxc exec bar -- tee /etc/systemd/network/wg0.network
# bar
[Match]
Name=wg0

[Network]
Address=192.168.255.2/24
EOF

lxc exec bar -- systemctl restart systemd-networkd

# test connectivity
lxc exec foo -- ping -qc2 192.168.255.2

# notice the invalid length in dmesg
$ lxc exec foo -- journalctl -kn 8
-- Logs begin at Mon 2020-05-11 16:56:40 UTC, end at Mon 2020-05-11 17:03:46 UTC. --
May 11 16:58:25 foo kernel: nf_tables: (c) 2007-2009 Patrick McHardy <email address hidden>
May 11 17:01:57 foo kernel: PKCS#7 signature not signed with a trusted key
May 11 17:01:57 foo kernel: wireguard: module verification failed: signature and/or required key missing - tainting kernel
May 11 17:01:57 foo kernel: wireguard: WireGuard 1.0.20200429 loaded. See www.wireguard.com for information.
May 11 17:01:57 foo kernel: wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld <email address hidden>. All Rights Reserved.
May 11 17:01:57 foo kernel: netlink: 'systemd-network': attribute type 5 has an invalid length.
May 11 17:01:57 foo kernel: netlink: 'systemd-network': attribute type 5 has an invalid length.
May 11 17:02:23 foo kernel: netlink: 'systemd-network': attribute type 5 has an invalid length.