[CentOS-devel] Wireguard and c8S headache - ?

Thu Jul 21 19:50:55 UTC 2022
Phil Perry <pperry at elrepo.org>

On 21/07/2022 14:37, Josh Boyer wrote:
> On Thu, Jul 21, 2022 at 9:25 AM Phil Perry <pperry at elrepo.org> wrote:
>>
>> It is a shame that RH/Stream are unable to support the WireGuard CI.
>>
>> In addition to Oracle, you could also use RHEL or Alma or Rocky or any
>> other supported distro/kernel.
> 
> In this case, I think CentOS Stream is actually catching things as we
> expect.  The next RHEL release (and therefore Alma, Rocky, or any
> other rebuild) will have the same issues if the changes aren't made
> before then.  There's a bug reported for this and the resolution was
> that the out of tree Wireguard module for EL8 needs to stop defining a
> particular function in a header.
> 

The issue is that the C8S kernel will not run on the WireGuard CI [1], 
so WireGuard are unable/unwilling to address these issues upstream as 
part of their continuous development (as they do for every other kernel 
they backport to), _before_ they become an issue. If the C8S kernel ran 
on the WireGuard CI, these issues would get fixed at source and you 
would never see these filed bugs or mailing list threads.

WireGuard filed numerous bugs [2,3] with patches with Red Hat to get the 
Stream kernel running on their CI, which Red Hat eventually declined 
to accept (and I totally get the reasons why), so WireGuard eventually 
gave up and dropped support for CentOS Stream.

The next best solution (other than getting Stream running on WireGuard's 
CI) would be for the kmod SIG (or some other 3rd party provider) to fix 
the code and ship kmods for Stream, but obviously that takes time and 
users are potentially left with a broken VPN each time a new kernel 
update is pushed. But it looks like upstream have lost interest in 
supporting Stream which is a shame.

[1] https://lists.zx2c4.com/pipermail/wireguard/2022-June/007664.html
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1905962
[3] https://bugzilla.redhat.com/show_bug.cgi?id=1839419

> As a potential option, CentOS Stream 9/RHEL 9 has Wireguard included
> and does not have this issue to my knowledge.
> 
> josh
> 
>>
>> On 21/07/2022 11:12, Jean-Marc Liger wrote:
>>> Hi L,
>>>
>>> You could otherwise use Oracle UEK kernel :
>>>
>>> https://blogs.oracle.com/linux/post/how-to-setup-wireguard-on-oracle-linux
>>>
>>> Regards,
>>> Jean-Marc
>>>
>>> On 21/07/2022 at 07:41, lejeczek via CentOS-devel wrote:
>>>> Hi guys.
>>>>
>>>> I asked wireguard's devel and the author explained the troublesome case
>>>> of wireguard & c8S - without me going into depth of that - do you guys
>>>> know how to get Wireguard to work in 8 Stream?
>>>> With the "official" way, with copr from "jdoss/wireguard-tools", the module
>>>> remains broken for the last two kernel versions.
>>>>
>>>> many thanks, L.
>>>>