This bug was fixed in the package systemd - 240-6ubuntu9
---------------
systemd (240-6ubuntu9) eoan; urgency=medium
* Fix typpo in storage test.
File: debian/tests/storage
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f28aa5fe4ab175b99b6ea702559c59ca473b4ca8
* Fix bashism
File: debian/extra/dhclient-enter-resolved-hook
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0725c1169ddde4f41cacba7af3e546704e2206be
systemd (240-6ubuntu8) eoan; urgency=medium
* Only restart resolved on changes in dhclient enter hook.
This prevents spurious restarts of resolved on rebounds when
the addresses did not change. (LP: #1805183)
Author: Julian Andres Klode
File: debian/extra/dhclient-enter-resolved-hook
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=258893bae8cbb12670e4807636fe8f7e9fb5407a
* Wait for cryptsetup unit to start, before stopping.
Patch from cascardo. Plus small refactor for readability. (LP: #1814373)
File: debian/tests/storage
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b65aa350be7e61c65927fbc0921a750fcfaa51cd
* Wait for systemctl is-system-running state.
File: debian/tests/boot-smoke
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=776998f1f55c445b6e385cab69a4219c42d00838
systemd (240-6ubuntu7) eoan; urgency=medium
* Revert "Add check to switch VTs only between K_XLATE or K_UNICODE"
This reverts commit 60407728a1a453104e3975ecfdf25a254dd7cc44.
Files:
-
debian/patches/Add-check-to-switch-VTs-only-between-K_XLATE-or-K_UNICODE.patch
-
debian/patches/Move-verify_vc_kbmode-to-terminal-util.c-as-vt_verify_kbm.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=18029ab5ff436bfb3b401f24cd1e3a4cf2a1579c
* Cherrypick missing systemd-stable patches to unbreak wireguard peer
endpoints.
Signed-off-by: Dimitri John Ledkov <[email protected]> (LP: #1825378)
Author: Dan Streetman
Files:
- debian/patches/network-wireguard-fixes-sending-wireguard-peer-setti.patch
- debian/patches/network-wireguard-use-sd_netlink_message_append_sock.patch
- debian/patches/sd-netlink-introduce-sd_netlink_message_append_socka.patch
- debian/patches/test-network-add-more-checks-in-NetworkdNetDevTests..patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=4046f515e40c4dc80d18d2303466737f1f451f11
* Remove expected failure from passing test.
Signed-off-by: Dimitri John Ledkov <[email protected]> (LP: #1829450)
Author: Dan Streetman
File: debian/tests/systemd-fsckd
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c43b12037d08555dc1d26593307726d7c7992df0
* Fix false negative checking for running jobs after boot.
Signed-off-by: Dimitri John Ledkov <[email protected]> (LP: #1825997)
Author: Dan Streetman
File: debian/tests/boot-smoke
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=aeb01631efbaf3fe851dee15d496e0b66b5c347f
* Cherrypick ask-password: prevent buffer overrow when reading from keyring.
Signed-off-by: Dimitri John Ledkov <[email protected]> (LP: #1814373)
Author: Dan Streetman
File:
debian/patches/ask-password-prevent-buffer-overrow-when-reading-fro.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6d6e9cbd4fc6e018031a4762e88f2c3aa19e24e8
-- Dimitri John Ledkov <[email protected]> Thu, 30 May 2019 21:45:50
+0100
** Changed in: systemd (Ubuntu Eoan)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1825378
Title:
systemd-networkd doesn't set wireguard peer endpoint
Status in systemd package in Ubuntu:
Fix Released
Status in systemd source package in Cosmic:
Invalid
Status in systemd source package in Disco:
Fix Committed
Status in systemd source package in Eoan:
Fix Released
Bug description:
[impact]
systemd does not set endpoints for wireguard interfaces correctly.
This makes wireguard unusable.
[test case]
install a disco or eoan system and set up a wireguard interface:
$ sudo add-apt-repository ppa:wireguard/wireguard
$ sudo apt install wireguard
...(this does a lot of stuff)...
create a file as below; There is no need to setup remote server to
reproduce this issue, but PublicKey/PrivateKey should be valid one
(used instructions from https://www.linode.com/docs/networking/vpn
/set-up-wireguard-vpn-on-ubuntu/#configure-wireguard-server):
$ cat /etc/systemd/network/wg0.netdev
[NetDev]
Name=wg0
Kind=wireguard
[WireGuard]
PrivateKey=uMuCbguKYdKanRYMbDSriIdgxGxJR57Us1zEy8wRc1M=
ListenPort=51820
[WireGuardPeer]
PublicKey=ZRyl+kvb6o2/6Da5YLum6GnSrzDj3J002+2kmK5CnS4=
AllowedIPs=10.0.0.0/8
Endpoint=192.168.1.1:51820
$ sudo systemctl restart systemd-networkd
$ sudo wg show wg0
interface: wg0
public key: BnvFgvPiVb5xURfzZ5liV1P77qeGeJDIX3C1iNquA2k=
private key: (hidden)
listening port: 51820
peer: ZRyl+kvb6o2/6Da5YLum6GnSrzDj3J002+2kmK5CnS4=
allowed ips: 10.0.0.0/8
the last command should print remote endpoint address, e.g.:
peer: ZRyl+kvb6o2/6Da5YLum6GnSrzDj3J002+2kmK5CnS4=
endpoint: 192.168.1.1:51820
allowed ips: 10.0.0.0/8
[regression potential]
any changes to systemd contain the potential for serious regressions.
However, this is cherry picked directly from upstream, with the
releases requiring patching (disco and eoan) being at exactly the same
version and very close to upstream already. Additionally, while this
does add 2 new functions (from upstream commit
https://github.com/systemd/systemd/pull/11580/commits/abd48ec87f2ac5dd571a99dcb4db88c4affdffc8),
they are only used - and code is only changed in - wireguard.c, so any
regressions should be limited to wireguard interfaces (unless systemd
crashes completely).
[other info]
this bug is not present in cosmic and earlier, and is already fixed in
upstream systemd, so this is needed only for disco and eoan.
original description:
---
systemd/disco 240 shipped with Ubuntu 19.04 beta does not set
endpoints for [WireguradPeer] properly.
This regression was introduced in v241 and merged into v240.
systemd 241 doesn't set wireguard peer endpoint
https://github.com/systemd/systemd/issues/11579
Revert of the regression was landed on v240 stable branch
https://github.com/systemd/systemd-stable/pull/39
1)2) confirmed with,
systemd/disco 240-6ubuntu5 amd64
3)
put a netdev file /etc/systemd/network/wg0.netdev
---
[NetDev]
Name=wg0
Kind=wireguard
[WireGuard]
PrivateKey=**************
ListenPort=51820
[WireGuardPeer]
PublicKey=*************
AllowedIPs=10.0.0.0/8
Endpoint=192.168.1.1:51820
----
and run
---
# systemctl restart systemd-networkd
# wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
allowed ips: 10.0.0.0/8
----
4)
the last command should print remote endpoint address.
---
# wg show wg0
interface: wg0
public key: *****************
private key: (hidden)
listening port: 51820
peer: *****************
endpoint: 192.168.1.1:51820
allowed ips: 10.0.0.0/8
----
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1825378/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
