This might be considered a reply to: https://lists.debian.org/debian-user/2022/02/msg00118.html or the couple of threads around: https://lists.debian.org/debian-user/2021/09/msg01052.html or even: https://lists.debian.org/debian-user/2019/04/msg01013.html
Now that wicd has gone (no Python2), and allegedly wpasupplicant is not long for this world, I was casting round for a simple way to run iwd + resolvconf + systemd-networkd as replacement. iwd Highly functional & low resource & DHCP client. Minimally documented¹, only does wifi (no wired) resolvconf Should configure varying nameservers into resolv.conf for different networks/interfaces. systemd-networkd Runs the wired interfaces. As the debian-installer installs wpasupplicant, this is necessarily a conversion process, outlined briefly here, a combination of howto and diary: Install iwd, and resolvconf if necessary. You may then need to reboot if the wifi interface has already been renamed by the kernel, ie if it's not wlan0. (With buster, there's a missing file that needs adding first; see below). $ systemctl --now disable wpa_supplicant.service $ systemctl --now enable iwd.service (Those commands are quieter when done as root, or with sudo.) $ iwctl Waiting for IWD to start... [iwd]# This section is interactive. Some of the commands here are just to confirm its actions and replies. Don't type the "iwctl" before each command: it's only needed when typing into a bash prompt, as opposed to the [iwd]# prompt². iwctl adapter list iwctl adapter phy0 show iwctl device list iwctl device wlan0 show iwctl station list iwctl station wlan0 show iwctl station wlan0 get-networks iwctl station wlan0 connect YourSSID Type the network passphrase for Cascade5G psk. Passphrase: ********************************* iwctl known-networks list iwctl station wlan0 show By the end of all this, the link should be working, and a file like this will have been written (that only root can see): # cat /var/lib/iwd/YourSSID.psk [Security] PreSharedKey=abdcef0123456789…abdcef0123456789…abdcef0123456789 Passphrase=yoursecretpassphrase # The other file that I have created on my bullseye is: # /etc/iwd/main.conf [General] # use DHCP client built into iwd: EnableNetworkConfiguration=true # for use only when travelling: #AddressRandomization=network [Network] # systemd-resolved would otherwise default: NameResolvingService=resolvconf # That should be enough to get connected to a router via wifi as soon as it boots up, with DHCP supplying an IP address, and contents for resolv.conf. However, the latter does not happen until I make one other change. The problem appears to be that iwd doesn't have necessary permission to mess with /run/resolvconf and /etc/resolv.conf. AIUI it's not file permissions, but internal policy within systemd. The simplest fix seems to be:³ # cp -ip /lib/systemd/system/iwd.service /etc/systemd/system/ # edit /etc/systemd/system/iwd.service and add these two lines to the end of the [Service] section: RuntimeDirectory=resolvconf ReadWritePaths=/etc The error being eliminated can be seen in /var/log/daemon.log: iwd[…]: /usr/sbin/resolvconf: 57: cannot create /run/resolvconf/run-lock: Read-only file system iwd[…]: resolve: /usr/sbin/resolvconf exited with status (512). After fixing and rebooting, you should get something like: /run/resolvconf/: -rw-r--r-- 1 root root 0 enable-updates drwxr-xr-x 2 root root 60 interface -rw-r--r-- 1 root root 298 resolv.conf -rw-r--r-- 1 root root 0 run-lock /run/resolvconf/interface: -rw-r--r-- 1 root root 23 wlan0.dns $ Note that the comments in /run/resolvconf/resolv.conf are misleading, and assume that we're using systemd-resolved. Running "resolvectl status", as suggested there, gives: Failed to get global data: Unit dbus-org.freedesktop.resolve1.service not found. Why don't I use systemd-resolved? (a) I don't understand its documentation, nor its diagnostic output, and (b) it was slow resolving, say, google.com, and threw an error rather than resolve www.google.com. Not a lot of use to me. If you try this on buster, which has a very old version of iwd, you need to create this file to prevent the kernel from renaming the wifi interface, which can cause a race with iwd. # /etc/systemd/network/80-iwd.link [Match] Type=wlan [Link] # prevent udev from renaming this interface: NamePolicy=keep kernel # Also, the EnableNetworkConfiguration=true doesn't appear to have been implemented on buster's version 0.14, so the IP configuration has to be left up to systemd-networkd with: # cat /etc/systemd/network/80-wifi-station.network [Match] Name=wlan0 [Network] DHCP=yes # (/usr/lib/systemd/network/80-wifi-station.network.example is taken from bullseye, but simplified.) However, I haven't seen any nameservers being added to resolv.conf in buster. Back in bullseye, I can simultaneously configure a static interface with the same IP address on the wired ethernet interface, which is a useful backup for my LAN in the absence of wifi. However, I haven't yet worked out how to make systemd-networkd talk to resolvconf (whilst sharing with iwd) so that the wired interface can resolve Internet addresses. This thread is covering a similar lack when using NetworkManager: https://lists.debian.org/debian-user/2022/03/msg00484.html and I'm currently looking through references in: https://unix.stackexchange.com/questions/517919/systemd-way-to-disable-wlan-if-wired-network-is-available Because all my computers can intercommunicate on my LAN using /etc/hosts, it's not too much of an issue at present. I can even update/upgrade through my local apt-cacher-ng. ¹ virtually none in buster. ² If you want to log your conversation, it's easiest to run each iwctl command separately at a shell prompt and copy/paste the output. Using script on an interactive session is not the way to go. ³ Don't alter anything in /lib, but override and supplement things in /etc. Cheers, David.