Hi,
I try to get the Wireguard docker container running on my Raspberry Pi 4 running Ubuntu 19.10 (Eoan).
After starting, I get an error about wg0 not created.
I restarted the container, even rebooted the RPi, but kept getting the error:
-------------------------------------
_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/
Brought to you by linuxserver.io
-------------------------------------
To support the app dev(s) visit:
WireGuard: https://www.wireguard.com/donations/
To support LSIO projects visit:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------
User uid: 1000
User gid: 1000
-------------------------------------
[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 30-config: executing...
Hit:1 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic InRelease
Hit:2 http://ports.ubuntu.com/ubuntu-ports bionic InRelease
Hit:3 http://ports.ubuntu.com/ubuntu-ports bionic-updates InRelease
Hit:4 http://ports.ubuntu.com/ubuntu-ports bionic-backports InRelease
Hit:5 http://ports.ubuntu.com/ubuntu-ports bionic-security InRelease
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
linux-headers-5.3.0-1022-raspi2 is already the newest version (5.3.0-1022.24~18.04.1).
wireguard is already the newest version (1.0.20200319-0ppa1~18.04).
0 upgraded, 0 newly installed, 0 to remove and 7 not upgraded.
Server mode is selected
External server address is set to [*removed*]
External server port is set to 51820. Make sure that port is properly forwarded to port 51820 inside this container
Internal subnet is set to 10.13.13.0
PEERDNS var is either not set or is set to "auto", setting peer DNS to 10.13.13.1 to use wireguard docker host's DNS.
Server mode is selected
No changes to parameters. Existing configs are used.
[cont-init.d] 30-config: exited 0.
[cont-init.d] 99-custom-scripts: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-scripts: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[#] ip link add wg0 type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev wg0
Cannot find device "wg0"
.:53
CoreDNS-1.6.9
linux/arm64, go1.14.1, 1766568
Ran with PUID/GUID 1000 and 0, same result.
wg0.conf is created with correct data.
What could be the issue?
Seeing it pulls from Bionic repo’s, could that be an issue?
The fresh container logs:
[s6-init] making user provided files available at /var/run/s6/etc…exited 0.
[s6-init] ensuring user provided files have correct perms…exited 0.
[fix-attrs.d] applying ownership & permissions fixes…
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts…
[cont-init.d] 01-envfile: executing…
[cont-init.d] 01-envfile: exited 0.
[cont-init.d] 10-adduser: executing…
-------------------------------------
_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/
Brought to you by linuxserver.io
-------------------------------------
To support the app dev(s) visit:
WireGuard: https://www.wireguard.com/donations/
To support LSIO projects visit:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------
User uid: 1000
User gid: 1000
-------------------------------------
[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 30-config: executing...
Get:1 http://ports.ubuntu.com/ubuntu-ports bionic InRelease [242 kB]
Get:2 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic InRelease [15.9 kB]
Get:3 http://ports.ubuntu.com/ubuntu-ports bionic-updates InRelease [88.7 kB]
Get:4 http://ports.ubuntu.com/ubuntu-ports bionic-backports InRelease [74.6 kB]
Get:5 http://ports.ubuntu.com/ubuntu-ports bionic-security InRelease [88.7 kB]
Get:6 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main Sources [1,212 B]
Get:7 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main arm64 Packages [924 B]
Get:8 http://ports.ubuntu.com/ubuntu-ports bionic/main arm64 Packages [1,285 kB]
Get:9 http://ports.ubuntu.com/ubuntu-ports bionic/multiverse arm64 Packages [153 kB]
Get:10 http://ports.ubuntu.com/ubuntu-ports bionic/restricted arm64 Packages [572 B]
Get:11 http://ports.ubuntu.com/ubuntu-ports bionic/universe arm64 Packages [11.0 MB]
Get:12 http://ports.ubuntu.com/ubuntu-ports bionic-updates/multiverse arm64 Packages [3,457 B]
Get:13 http://ports.ubuntu.com/ubuntu-ports bionic-updates/main arm64 Packages [845 kB]
Get:14 http://ports.ubuntu.com/ubuntu-ports bionic-updates/universe arm64 Packages [1,222 kB]
Get:15 http://ports.ubuntu.com/ubuntu-ports bionic-updates/restricted arm64 Packages [1,036 B]
Get:16 http://ports.ubuntu.com/ubuntu-ports bionic-backports/universe arm64 Packages [7,337 B]
Get:17 http://ports.ubuntu.com/ubuntu-ports bionic-backports/main arm64 Packages [8,260 B]
Get:18 http://ports.ubuntu.com/ubuntu-ports bionic-security/multiverse arm64 Packages [1,843 B]
Get:19 http://ports.ubuntu.com/ubuntu-ports bionic-security/main arm64 Packages [571 kB]
Get:20 http://ports.ubuntu.com/ubuntu-ports bionic-security/universe arm64 Packages [743 kB]
Get:21 http://ports.ubuntu.com/ubuntu-ports bionic-security/restricted arm64 Packages [581 B]
Fetched 16.4 MB in 5s (3,624 kB/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
linux-raspi2-5.3-headers-5.3.0-1022 wireguard-dkms wireguard-tools
The following NEW packages will be installed:
linux-headers-5.3.0-1022-raspi2 linux-raspi2-5.3-headers-5.3.0-1022
wireguard wireguard-dkms wireguard-tools
0 upgraded, 5 newly installed, 0 to remove and 7 not upgraded.
Need to get 12.3 MB of archives.
After this operation, 80.9 MB of additional disk space will be used.
Get:1 http://ports.ubuntu.com/ubuntu-ports bionic-updates/universe arm64 linux-raspi2-5.3-headers-5.3.0-1022 arm64 5.3.0-1022.24~18.04.1 [11.1 MB]
Get:2 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main arm64 wireguard-dkms all 1.0.20200413-0ubuntu2~18.04 [254 kB]
Get:3 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main arm64 wireguard-tools arm64 1.0.20200319-0ppa1~18.04 [86.5 kB]
Get:4 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main arm64 wireguard all 1.0.20200319-0ppa1~18.04 [7,980 B]
Get:5 http://ports.ubuntu.com/ubuntu-ports bionic-updates/universe arm64 linux-headers-5.3.0-1022-raspi2 arm64 5.3.0-1022.24~18.04.1 [829 kB]
Fetched 12.3 MB in 1s (10.0 MB/s)
Selecting previously unselected package linux-raspi2-5.3-headers-5.3.0-1022.
(Reading database ... 45877 files and directories currently installed.)
Preparing to unpack .../linux-raspi2-5.3-headers-5.3.0-1022_5.3.0-1022.24~18.04.1_arm64.deb ...
Unpacking linux-raspi2-5.3-headers-5.3.0-1022 (5.3.0-1022.24~18.04.1) ...
Selecting previously unselected package linux-headers-5.3.0-1022-raspi2.
Preparing to unpack .../linux-headers-5.3.0-1022-raspi2_5.3.0-1022.24~18.04.1_arm64.deb ...
Unpacking linux-headers-5.3.0-1022-raspi2 (5.3.0-1022.24~18.04.1) ...
Selecting previously unselected package wireguard-dkms.
Preparing to unpack .../wireguard-dkms_1.0.20200413-0ubuntu2~18.04_all.deb ...
Unpacking wireguard-dkms (1.0.20200413-0ubuntu2~18.04) ...
Selecting previously unselected package wireguard-tools.
Preparing to unpack .../wireguard-tools_1.0.20200319-0ppa1~18.04_arm64.deb ...
Unpacking wireguard-tools (1.0.20200319-0ppa1~18.04) ...
Selecting previously unselected package wireguard.
Preparing to unpack .../wireguard_1.0.20200319-0ppa1~18.04_all.deb ...
Unpacking wireguard (1.0.20200319-0ppa1~18.04) ...
Setting up wireguard-dkms (1.0.20200413-0ubuntu2~18.04) ...
Loading new wireguard-1.0.20200413 DKMS files...
It is likely that 5.3.0-1022-raspi2 belongs to a chroot's host
Building for 5.3.0-1014-raspi2, 5.3.0-1015-raspi2, 5.3.0-1017-raspi2, 5.3.0-1018-raspi2, 5.3.0-1019-raspi2, 5.3.0-1021-raspi2 and 5.3.0-1022-raspi2
Module build for kernel 5.3.0-1014-raspi2 was skipped since the
kernel headers for this kernel does not seem to be installed.
Module build for kernel 5.3.0-1015-raspi2 was skipped since the
kernel headers for this kernel does not seem to be installed.
Module build for kernel 5.3.0-1017-raspi2 was skipped since the
kernel headers for this kernel does not seem to be installed.
Module build for kernel 5.3.0-1018-raspi2 was skipped since the
kernel headers for this kernel does not seem to be installed.
Module build for kernel 5.3.0-1019-raspi2 was skipped since the
kernel headers for this kernel does not seem to be installed.
Module build for kernel 5.3.0-1021-raspi2 was skipped since the
kernel headers for this kernel does not seem to be installed.
Building initial module for 5.3.0-1022-raspi2
Done.
wireguard:
Running module version sanity check.
Good news! Module version 1.0.20200413 for wireguard.ko
exactly matches what is already found in kernel 5.3.0-1022-raspi2.
DKMS will not replace this module.
You may override by specifying --force.
depmod.....
DKMS: install completed.
Setting up wireguard-tools (1.0.20200319-0ppa1~18.04) ...
Setting up linux-raspi2-5.3-headers-5.3.0-1022 (5.3.0-1022.24~18.04.1) ...
Setting up linux-headers-5.3.0-1022-raspi2 (5.3.0-1022.24~18.04.1) ...
/etc/kernel/header_postinst.d/dkms:
* dkms: running auto installation service for kernel 5.3.0-1022-raspi2
...done.
Setting up wireguard (1.0.20200319-0ppa1~18.04) ...
Server mode is selected
External server address is set to [*removed*]
External server port is set to 51820. Make sure that port is properly forwarded to port 51820 inside this container
Internal subnet is set to 10.13.13.0
PEERDNS var is either not set or is set to "auto", setting peer DNS to 10.13.13.1 to use wireguard docker host's DNS.
Server mode is selected
Server related environment variables changed, regenerating 1 server and 3 peer/client confs
PEER 1 QR code:
[*removed*]
PEER 2 QR code:
[*removed*]
PEER 3 QR code:
[*removed*]
[cont-init.d] 30-config: exited 0.
[cont-init.d] 99-custom-scripts: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-scripts: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[#] ip link add wg0 type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev wg0
Cannot find device "wg0"
.:53
CoreDNS-1.6.9
linux/arm64, go1.14.1, 1766568
We will have to look more into this, right up until the end, your logs look perfect. If you want to give something a try (i doubt it will fix the issue) you can try removing your current stuff and in your docker run, change linuxserver/wireguard to lsiodev/wireguard.
if you do try it, let us know if that changes anything.
Just installed wireguard-dkms, these applications came along: build-essential cpp cpp-9 dkms dpkg-dev fakeroot g++ g++-9 gcc gcc-9 libalgorithm-diff-perllibalgorithm-diff-xs-perl libalgorithm-merge-perl libasan5 libatomic1 libc-dev-bin libc6-dev libcc1-0 libdpkg-perl libfakeroot libfile-fcntllock-perl libgcc-9-dev libisl21 libitm1 liblsan0 libmpc3 libstdc++-9-dev libtsan0 libubsan1 linux-libc-dev make manpages-dev wireguard wireguard-tools
Did the reboot and a redeploy of the lsiodev.
Also had a kernel update to 1023 (from 1022).
No luck
Did see this as a difference:
Building initial module for 5.3.0-1023-raspi2
Done.
wireguard:
Running module version sanity check.
- Original module
- Installation
- Installing to /lib/modules/5.3.0-1023-raspi2/updates/dkms/
depmod.....
DKMS: install completed.
Setting up wireguard-tools (1.0.20200319-0ppa1~18.04) ...
Setting up wireguard (1.0.20200319-0ppa1~18.04) ...
Setting up linux-raspi2-5.3-headers-5.3.0-1023 (5.3.0-1023.25~18.04.1) ...
Setting up linux-headers-5.3.0-1023-raspi2 (5.3.0-1023.25~18.04.1) ...
/etc/kernel/header_postinst.d/dkms:
* dkms: running auto installation service for kernel 5.3.0-1023-raspi2
...done.
Server mode is selected
you dont have to use lsiodev, we merged all the changes into master yesterday. you can go back to linuxserver/wireguard (they are the same now, so the swap won’t fix anything)
this remains a very odd situation, i probably need to pick up a pi4 and test.
ubuntu@ubuntu:~$ sudo modprobe wireguard
modprobe: ERROR: could not insert 'wireguard': Unknown symbol in module, or unknown parameter (see dmesg)
ubuntu@ubuntu:~$ sudo dmesg
...
...
[91919.207358] wireguard: Unknown symbol __stack_chk_guard (err -2)
Also I found this:
In container:
Preparing to unpack …/wireguard_1.0.20200319-0ppa1~18.04_all.deb …
Unpacking wireguard (1.0.20200319-0ppa1~18.04) …
Setting up wireguard-dkms (1.0.20200426-0ppa1~18.04) …
Loading new wireguard-1.0.20200426 DKMS files…
On host:
ubuntu@ubuntu:~$ sudo dkms status
wireguard, 0.0.20200205, 5.3.0-1023-raspi2, aarch64: installed (WARNING! Diff between built and installed module!)
A modprobe:
ubuntu@ubuntu:~$ sudo modprobe -vv wireguard
modprobe: INFO: …/libkmod/libkmod.c:364 kmod_set_log_fn() custom logging function 0xaaaaba6a8eb0 registered
insmod /lib/modules/5.3.0-1023-raspi2/updates/dkms/wireguard.ko
modprobe: INFO: …/libkmod/libkmod-module.c:886 kmod_module_insert_module() Failed to insert module ‘/lib/modules/5.3.0-1023-raspi2/updates/dkms/wireguard.ko’: No such file or directory
modprobe: ERROR: could not insert ‘wireguard’: Unknown symbol in module, or unknown parameter (see dmesg)
modprobe: INFO: …/libkmod/libkmod.c:331 kmod_unref() context 0xaaaad403f430 released
This file is in that location:
/lib/modules/5.3.0-1023-raspi2/updates/dkms/wireguard.ko
But this is from modprobe -vvv:
…
modprobe: DEBUG: …/libkmod/libkmod-module.c:1749 kmod_module_get_initstate() could not open ‘/sys/module/wireguard/initstate’: No such file or directory
modprobe: DEBUG: …/libkmod/libkmod-module.c:1759 kmod_module_get_initstate() could not open ‘/sys/module/wireguard’: No such file or directory
i’m guessing now, but it may be worth deleting wireguard.ko, maybe even /lib/modules/5.3.0-1023-raspi2 all together, then let wireguard re-pull/compile all that stuff