Description of problem: When trying to establish a wireguard connection including a pre-shared key, the connection will not be enabled. Version-Release number of selected component (if applicable): nmcli 1.30.4-1.fc34 Steps to Reproduce: 1. Open a terminal window as unpriviledged user and type "nm-connection-editor" 2. Add a new wireguard connection wg0 including a pre-shared key choosing only to save the Pre-shared key and the Private key for the current user. 3. Bring the connection up using "nmcli connection up wg0" Actual results: The connection will not become active. Expected results: The connection should become active.
please provide a level=TRACE log. Read https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/contrib/fedora/rpm/NetworkManager.conf#L27 for hints about logging and how about to get logs. Note also the comments about private sensitive data in the logs and take care of that.
The PSK doesn´t get saved to the GNOME-keyring. preshared-key-flags=1 is set in the config file. That´s all I can provide at the moment.
Without looking deeper into this: gnome-shell does not support WireGuard yet ([1]). So it would be expected that it is unable to store the WireGuard secret. [1] https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2989
The private key gets stored in the GNOME-keyring though.
Created attachment 1801697 [details] networkmanager logs I can reproduce the issue in fedora 34 KDE and changed the log level to trace and attached it.
(In reply to Afox from comment #4) > The private key gets stored in the GNOME-keyring though. The private key is a standard property, while the preshared-key is a key in an array of dictionaries (the peers) and must be handled specially by secret agents (GNOME Applet, GNOME Shell or KDE Applet). This adds support to the GNOME Applet: https://gitlab.gnome.org/GNOME/network-manager-applet/-/merge_requests/102/commits
Will this fix find its way to Fedora 34? Thank you
Yes, probably when there is the next upstream release. But from what I understood you are using GNOME-Shell while that fix was for the nm-applet, so it doesn't affect you.
If I understood correctly there currently is no wireguard implementation in GNOME-Shell so if using "nm-connection-editor" means using the nm-applet it affects and fixes it for me. Best regards
> so if using "nm-connection-editor" means using the nm-applet While "nm-connection-editor" and "nm-applet" are part of the same project, they are different binaries. Probably you can run "nm-applet" from GNOME, but the applet icon will not appear anywhere; however it should be able to fetch secrets from the keyring.
This message is a reminder that Fedora Linux 34 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora Linux 34 on 2022-06-07. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a 'version' of '34'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, change the 'version' to a later Fedora Linux version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora Linux 34 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora Linux, you are encouraged to change the 'version' to a later version prior to this bug being closed.
Using network-manager-applet version 1.24.0 this issue doesn´t seem to be resolved as also stated in this issue on gitlab: https://gitlab.gnome.org/GNOME/network-manager-applet/-/issues/157
This message is a reminder that Fedora Linux 36 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora Linux 36 on 2023-05-16. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a 'version' of '36'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, change the 'version' to a later Fedora Linux version. Note that the version field may be hidden. Click the "Show advanced fields" button if you do not see it. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora Linux 36 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora Linux, you are encouraged to change the 'version' to a later version prior to this bug being closed.
Fedora Linux 36 entered end-of-life (EOL) status on 2023-05-16. Fedora Linux 36 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora Linux please feel free to reopen this bug against that version. Note that the version field may be hidden. Click the "Show advanced fields" button if you do not see the version field. If you are unable to reopen this bug, please file a new report against an active release. Thank you for reporting this bug and we are sorry it could not be fixed.