|Summary:||wg-quick DNS configuration gets lost if SaveConfig is enabled in the configuration file|
|Product:||[Fedora] Fedora||Reporter:||H.Janssen <hmmsjan>|
|Component:||wireguard-tools||Assignee:||Joe Doss <joe>|
|Status:||NEW ---||QA Contact:||Fedora Extras Quality Assurance <extras-qa>|
|Fixed In Version:||Doc Type:||If docs needed, set a value|
|Doc Text:||Story Points:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
Description H.Janssen 2022-07-27 06:18:26 UTC
Created attachment 1899583 [details] patch to get DNS and Saveconfig combination running in wg-quick Description of problem: DNS= lines disappear from the configuration if SaveConfig=true Version-Release number of selected component (if applicable): wireguard-tools-1.0.20210914-2.fc36.x86_64 How reproducible: Always Steps to Reproduce: 1.wg-quick up wg0 with DNS= and SaveConfig=true in wg0.conf 2.wg-quick down wg0 3. Actual results: DNS= lost in config file Expected results: DNS= as before Additional info: The save_config routine in wg-quick uses "resolvconf -l " to get a list of nameservers for this interface. This is not supported in Fedora 36. The second try is listing a file which also does not exist in Fedora. Adding a third try calling "resolvectl dns <interfacevar> " and adapting the output to be equal to "resolvconf -l" with cut and awk fixes the problem. Probably there are cleaner ways to adapt the script to the different distributions.
Comment 1 Joe Doss 2022-07-27 20:21:08 UTC
Hi there, Have thought about pushing these changes upstream to see if we can fix things at that level vs maintaining a patch on our end? Jason is pretty good about taking patches for these kinds of things. Joe
Comment 2 Ilkka Tengvall 2022-07-27 20:27:16 UTC
I applied and verified the functionality. It fixes the problem. This topic is discussed here, for background: https://ask.fedoraproject.org/t/wireguard-client-not-working-even-if-wg0-is-showing-traffic-count/ I'd check if the rpm dependencies cover the tools used in patch, resolvectl, cut, awk.
Comment 3 H.Janssen 2022-07-29 21:54:25 UTC
Thanks. Of course fine to send the patch to upstream. The good thing of the patch is that it is one line and works, the bad thing is that it modifies the output of a command to mimic another command. May be there are better ways to get the info, like a welldefined DBus API. And it is not guaranteed that systemd-resolved is up in Fedora, so probably it is not easy to program it in a robust way for all environments in all configurations.